This directory contains the security posture documentation for the Nova Rewards platform.
| Document | Description |
|---|---|
| Threat Model | STRIDE analysis of threats across contracts, API, frontend, and infrastructure |
| Incident Response Plan | Severity classification, response phases, and playbooks for common incident types |
| Security Best Practices | Coding and operational standards for contracts, backend, frontend, and infrastructure |
Suspected active incident? → Follow the Incident Response Plan
Starting a new feature? → Review Security Best Practices for your layer
Threat assessment for a change? → Reference the Threat Model
Audit reports → See /docs/audits/