Skip to content
On this page

Security

ClashT is a network management tool, so security is important to ClashT.

We will put the Security of ClashT first, so at some update, some functions may be canceled to ensure User safety.

Danger Levels

Here, we introduce a concept to distinguish danger levels.

  • Level 1: Superlative, there are dangerous in all situations. (90%+)
  • Level 2: Need to be vigilant, only in some cases there is no danger. (70%+)
  • Level 3: Be careful, there are some cases is danger. (45% ~ 70%)
  • Level 4: Can be ignored, there is no danger under most situations. (25% ~ 45%)
  • Level 5: Safe, there may be risks we haven’t discovered yet. (0%+)

To Prevent Disagreements

"danger" refers (including but not limited) to ClashT crashing, User being attacked, and encryption fail.

The percentages are our expected numbers and do not imply that we calculated them accurately.

Update Suggestions

When we update, we will use some suggestions to make it understandable for Users who do not read this document.

txt
This update is very important! We have strong suggestions for this update. (L1)
txt
We have some strong suggestions for this update. (L2)
txt
We have some minor suggestions for this update. Please proceed with updating to v— according to your preferences. (L3)
txt
We have some minor suggestions for this update. Please proceed with updating to v— according to your preferences. (L4)
txt
We do not have any specific suggestions for this update. Please proceed with updating to v— according to your preferences. (L5)

Found it? These suggestions all have levels specified.

Experimental Features

Not only for updates, we will also introduce experimental features in other cores (ClashT being a normal core). These features may pose certain risks; therefore, their danger levels will be clearly stated in the documentation.

Report Security Vulnerability

When submitting issues, you can select "Report a security vulnerability" to inform us of any vulnerabilities. We will review issue promptly. We also welcome your assistance after submitting a vulnerability (for effective communication, please use English).