From 69a39638fb2044c0242b62219511c64da0814614 Mon Sep 17 00:00:00 2001
From: feng <feng@innora.ai>
Date: Sun, 22 Mar 2026 06:45:57 +0800
Subject: [PATCH] docs: add cross-reference to Alipay security research trilogy

Link to all three repos: deeplink (runtime), securityguard (SDK),
and hash-collision-lab (cryptography, IACR 2026/526).

Co-Authored-By: Claude <noreply@anthropic.com>
---
 README.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/README.md b/README.md
index 6f03df7..02d65da 100644
--- a/README.md
+++ b/README.md
@@ -2,6 +2,14 @@
 
 **17 Verified Vulnerabilities | 3 Devices | 308 Server Log Entries | 6 CVEs Applied**
 
+> **Alipay Mobile Payment Attack Surface — The Full-Stack Analysis by [Innora AI](https://innora.ai)**
+>
+> | Layer | Repository | Findings |
+> |-------|-----------|----------|
+> | Runtime | **[alipay-deeplink-research](https://github.com/sgInnora/alipay-deeplink-research)** (this repo) | 17 vulnerabilities, CVSS 9.3 |
+> | SDK | [alipay-securityguard-analysis](https://github.com/sgInnora/alipay-securityguard-analysis) | 9 CVEs, AVMP VM bypass, 97% unprotected APIs |
+> | Cryptography | [hash-collision-lab](https://github.com/sgInnora/hash-collision-lab) | 15 PoCs, IACR ePrint [2026/526](https://eprint.iacr.org/2026/526) |
+
 ---
 
 > ## ⚠️ CENSORSHIP UPDATE — 2026-03-15