Security contact request for private vulnerability disclosure

[Teycir]

Hello maintainers,

I identified a potential security issue in zkemail/zk-email-verify.

I have not shared technical details yet because I want to disclose it through a private channel first.

Could you please confirm:

1. the correct private security contact/channel for this repository, and
2. whether you prefer email or a maintainer-opened private GitHub advisory.

For safety, I am not posting technical details in this public issue.

Thank you.

[Divide-By-0]

A group chat on telegram with @rutefig and @yush_g is best. Not sure what you mean by the GitHub advisory question

[Teycir]

Thanks for the quick response.

For vulnerability disclosure, I need a private and auditable channel (not Telegram chat).
Could you please do one of these:

1. Open a private GitHub Security Advisory draft for zkemail/zk-email-verify and add me as collaborator, or
2. Confirm an official security email/contact owned by maintainers for confidential reports.

I’ll share full technical details immediately once a proper private channel is confirmed.
For safety, I won’t post exploit details in this public issue.