diff --git a/README.md b/README.md index ff41a5e..a5cf064 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,9 @@ [![Latest release](https://img.shields.io/github/v/release/Sentriscloud/solux?include_prereleases&sort=semver)](https://github.com/Sentriscloud/solux/releases/latest) -Self-custody mobile wallet for [Sentrix Chain](https://sentrixchain.com) (SRX). Flutter, multi-platform (Android primary; iOS, macOS, Linux, Windows targets supported). +> ⚠️ **PROTOTYPE — DO NOT SEND REAL FUNDS.** This repository currently contains UI scaffolding only. There is no key generation, no signing, no on-chain integration. The "send", "view seed phrase", and "export private key" buttons are non-functional placeholders. Treat any APK built from this repository as a design preview, NOT a working wallet. Crypto layer (key gen, BIP-39 seed, transaction signing, RPC integration) is on the roadmap; this README will be updated when those land. + +UI prototype for a future self-custody mobile wallet on [Sentrix Chain](https://sentrixchain.com) (SRX). Flutter, multi-platform (Android primary; iOS, macOS, Linux, Windows targets supported). Part of the [SentrisCloud](https://github.com/sentriscloud) product suite. diff --git a/SECURITY.md b/SECURITY.md index 019be6f..9653378 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -21,12 +21,16 @@ Please include: ## Scope -In scope: +This repository is currently a **UI prototype** — no key generation, signing, or chain integration is implemented. Any "wallet" path in the app is a non-functional placeholder. -- Smart contracts deployed via canonical addresses on Sentrix Chain (chain ID 7119 mainnet, 7120 testnet) -- Sentrix node binary (consensus, state, EVM) -- Frontend apps that handle user keys or balances (faucet, scan, coinblast, dex, solux) -- Indexer / SDK that touches user-controlled data +Reports about UI/UX, build pipelines, and dependency vulnerabilities are still in scope. Reports about key handling / signing / sending funds are not applicable until the crypto layer lands (see README). + +In scope when crypto layer lands: + +- Key generation, storage, signing +- Transaction construction + RPC integration +- Mnemonic / seed handling +- Build configs (release signing, ProGuard / R8) Out of scope: