Only the latest release on the main branch is supported. Users should always update to the latest version.
If you discover a security vulnerability in jevil, you are welcome to report it by opening a GitHub issue or submitting a pull request with a fix. There is no requirement for coordinated or private disclosure — use whichever method you prefer.
Please include:
- A description of the vulnerability and its potential impact.
- Steps to reproduce the issue, or a proof of concept if applicable.
- A tested, complete fix, if possible.
This is a research-grade proof-of-concept implementation of a brand-new, completely novel cryptographic scheme. Both the scheme itself and this implementation have received close to zero peer review.
- The construction has not been vetted by the cryptographic community.
- The security proofs have not been independently verified.
- The code has not been audited.
- There are almost certainly bugs, side channels, and possibly fundamental design flaws that have not yet been discovered.
- APIs, wire formats, and parameter choices may change without notice.
Treat this repository as a research artifact only. Do not use it to protect anything you care about. Do not deploy it. Do not rely on it for any security property whatsoever.