Security: pametan/audit-log

Security Policy

Reporting a vulnerability

Please report security issues privately to security@pametan.co rather than opening a public issue. We aim to acknowledge reports within 2 business days.

Treat the following with the same priority as a security report:

  • Undetected tampering — any way to modify, reorder or delete records such that verify() still returns valid: true (beyond the documented end-truncation limitation).
  • A canonicalisation bug that lets two different events produce the same hash, or the same event produce different hashes.
  • PII leaking into a stored record despite redaction being enabled.

Use synthetic/example data in any report.

Known limitation

A hash chain alone cannot detect end-truncation (removal of the most recent records). Anchor the head externally and verify against it; see the README.
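
The limitation above, as an added example (not code from this project or its README): a minimal SHA-256 hash chain in which chain-only verification accepts a log whose last record was removed, while a check against an externally stored head and record count rejects it. The names `append`, `verifyChain`, `canonical` and the anchor shape `{ head, count }` are assumptions made for the illustration.

```javascript
// Added illustration; not the pametan/audit-log API. All names are hypothetical.
const { createHash } = require('node:crypto');

const GENESIS = '0'.repeat(64);

// Deterministic encoding for flat events: keys are sorted so field order cannot change the hash.
function canonical(event) {
  return JSON.stringify(Object.keys(event).sort().map((k) => [k, event[k]]));
}

function recordHash(prev, event) {
  return createHash('sha256').update(prev).update('\n').update(canonical(event)).digest('hex');
}

// Append an event linked to the current head; returns the new head hash.
function append(log, event) {
  const prev = log.length ? log[log.length - 1].hash : GENESIS;
  log.push({ event, prev, hash: recordHash(prev, event) });
  return log[log.length - 1].hash;
}

// Without an anchor this checks links only. With an anchor, the final head
// and record count must also match the values stored outside the log.
function verifyChain(log, anchor) {
  let prev = GENESIS;
  for (let i = 0; i < log.length; i++) {
    const r = log[i];
    if (r.prev !== prev || r.hash !== recordHash(prev, r.event)) {
      return { valid: false, reason: `broken link at index ${i}` };
    }
    prev = r.hash;
  }
  if (anchor && (anchor.head !== prev || anchor.count !== log.length)) {
    return { valid: false, reason: 'head does not match external anchor' };
  }
  return { valid: true };
}

// Constructed sample data: an intact log, an edited copy and a truncated copy.
function demo() {
  const log = [];
  append(log, { actor: 'user-1', action: 'login' });
  append(log, { actor: 'user-1', action: 'export' });
  const anchor = { head: append(log, { actor: 'user-1', action: 'delete' }), count: 3 };
  const edited = log.map((r, i) => (i === 1 ? { ...r, event: { actor: 'user-2', action: 'export' } } : r));
  const truncated = log.slice(0, 2);
  return { intact: verifyChain(log, anchor).valid, editedChainOnly: verifyChain(edited).valid,
    truncatedChainOnly: verifyChain(truncated).valid, truncatedAnchored: verifyChain(truncated, anchor).valid };
}
```

`demo()` shows that an in-place edit breaks the chain, but truncation is only caught once the anchor is supplied; the anchor is useful only if it is stored where someone who can rewrite the log cannot also rewrite it.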

Supported versions

The latest published minor version receives fixes. Until a 1.0 release, the API is stable but not yet frozen.

There aren't any published security advisories