Security: Wammero/polymarket-sdk-cpp

Security Policy

Reporting Vulnerabilities

This SDK handles private keys, HMAC secrets, and order signing for real financial transactions.

If you discover a security vulnerability, do NOT open a public issue. Instead:

  1. Report: create a private security advisory on GitHub
  2. Include: description, reproduction steps, and potential impact
  3. We will respond within 48 hours

Scope

Security-relevant areas of this SDK:

  • Private key handling (crypto/signer.hpp) — key zeroing, memory safety
  • HMAC signing (crypto/hmac.hpp) — secret storage, OpenSSL usage
  • V1 order signing (order/order_builder.hpp) — EIP-712 domain version "1", legacy CTF Exchange 0x4bFb…982E, sig types EOA/PolyProxy/PolyGnosisSafe
  • V2 order signing (order/order_builder.hpp) — EIP-712 domain version "2", V2 CTF Exchange 0xE111…996B (neg-risk 0xe222…0F59), adds SignatureType::Poly1271 = 3 for EIP-1271 smart-contract wallets, timestamp / metadata / builder fields signed into the order hash
  • TLS/SSL (http_client.hpp, ws_client.cpp) — certificate verification, redirects only followed up to MAXREDIRS=3 (V2 host clob-v2 301-redirects to clob.polymarket.com)
  • Salt generation (order_builder.hpp) — CSPRNG quality

Security Measures

  • Private keys zeroed on Signer destruction and move (OPENSSL_cleanse)
  • HMAC secrets decoded once, key material cleaned after use
  • SSL_VERIFY_PEER enabled for all TLS connections; libcurl strips Authorization on cross-origin redirects by default
  • Salt generated via OS CSPRNG (std::random_device), masked to 53 bits
  • No secrets logged or included in error messages
  • Input validation on addresses (length check), token IDs (digit-only), decimals (non-negative)
  • EIP-1271 (Poly1271) signature path is V2-only — the SDK never sends a signatureType=3 order against a V1 exchange (sign_order_v2 selects the V2 verifying contract via contract_config_v2)
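
The first measure above, key zeroing on destruction and move, as an added example that is not the SDK's own code. `KeyHolder` and `secure_wipe` are hypothetical names, and the volatile-store wipe is a stand-in for `OPENSSL_cleanse` so the block builds without OpenSSL.

```cpp
#include <array>
#include <cstddef>
#include <cstdint>
#include <new>
#include <utility>

// Stand-in for OPENSSL_cleanse (assumption: used so this builds without OpenSSL).
// Volatile stores cannot be dropped by the optimizer as dead writes.
inline void secure_wipe(void* p, std::size_t n) {
    volatile unsigned char* v = static_cast<volatile unsigned char*>(p);
    while (n--) *v++ = 0;
}

// Hypothetical key holder (not the SDK's Signer): owns 32 bytes of key material.
class KeyHolder {
public:
    static constexpr std::size_t kLen = 32;
    explicit KeyHolder(const std::array<std::uint8_t, kLen>& k) : key_(k) {}
    // Copying would leave a second copy of the secret in memory, so it is disabled.
    KeyHolder(const KeyHolder&) = delete;
    KeyHolder& operator=(const KeyHolder&) = delete;
    // Move: take the bytes, then wipe the source so only one copy remains.
    KeyHolder(KeyHolder&& o) noexcept : key_(o.key_) {
        secure_wipe(o.key_.data(), kLen);
    }
    KeyHolder& operator=(KeyHolder&& o) noexcept {
        if (this != &o) { key_ = o.key_; secure_wipe(o.key_.data(), kLen); }
        return *this;
    }
    ~KeyHolder() { secure_wipe(key_.data(), kLen); }
    bool is_zero() const {
        std::uint8_t acc = 0;
        for (std::uint8_t b : key_) acc |= b;
        return acc == 0;
    }
private:
    std::array<std::uint8_t, kLen> key_;
};

// Builds a holder in a raw buffer, destroys it, and checks the storage is all zero.
bool storage_zero_after_destroy() {
    alignas(KeyHolder) unsigned char buf[sizeof(KeyHolder)];
    std::array<std::uint8_t, KeyHolder::kLen> k; k.fill(0xAB);  // constructed sample key
    KeyHolder* h = new (buf) KeyHolder(k);
    h->~KeyHolder();
    secure_wipe(k.data(), k.size());  // the caller's temporary copy needs wiping too
    for (unsigned char b : buf) if (b != 0) return false;
    return true;
}
int main() { return storage_zero_after_destroy() ? 0 : 1; }
```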