Security
Lets security combines request protections, E2EE boundaries, abuse prevention, no wallet/protocol access in mobile beta, and responsible disclosure.
Request protections
Public routes and product flows use request protections appropriate for the beta. Sensitive actions may require manual review, rate limits, or other checks when abuse prevention signals show unusual activity.
E2EE and encrypted-message caveat
Where E2EE or encrypted messaging is used, Lets may have limited access to message content. That encrypted-message caveat affects review, so people should use in-product safety tools and clear descriptions when asking for help.
Beta access boundaries
There is no wallet/protocol access in mobile beta, and the public website does not provide financial actions. For responsible disclosure, send a concise report with impact and reproduction steps instead of accessing other people's data.