Security Center
Security model, platform details, and vulnerability disclosure
Vulnerability Disclosure
Responsible Disclosure
We take security seriously. If you discover a vulnerability, please follow our responsible disclosure process to help keep the network secure.
How to Report
- 1Email [email protected]
Use PGP encryption for sensitive details (PGP key available on request)
- 2Include detailed information
Steps to reproduce, impact assessment, affected versions
- 3Allow 90 days for fix
We’ll work with you to understand and resolve the issue
- 4Coordinated disclosure
We’ll credit you (if desired) when the fix is released
Severity Levels
| Severity | Description | Response Time |
|---|---|---|
| Critical | Key extraction, complete system compromise | 24 hours |
| High | Attestation bypass, message forgery | 3 days |
| Medium | DoS attacks, resource exhaustion | 7 days |
| Low | Information disclosure, minor issues | 30 days |