Responsible disclosure
Report a vulnerability
Send all security disclosures to:
Please encrypt sensitive disclosures using our PGP key (published below). Include a description of the vulnerability, reproduction steps, and your assessment of potential impact.
We do not have a formal bug bounty programme at this time. We acknowledge all disclosures and will credit researchers by name or handle (as preferred) in our security advisory when a fix is published.
Scope
The following are in scope for responsible disclosure:
| Component | In scope | Examples |
|---|---|---|
| Clearinghouse Workers (api.obligationsign.com) | Yes | Authentication bypass, tenant isolation failure, API injection, gateway proof bundle manipulation |
| Transparency Log Worker (log.obligationsign.com) | Yes — highest priority | Log append-only invariant bypass, STH signature forgery, Merkle tree integrity failure, cross-leaf linkage bypass |
| Validator Workers (val-*.obligationsign.com) | Yes | Validator identity bypass, AGTS_VOTE_V1 signing manipulation, quorum threshold bypass |
| Monitor Worker (monitor.obligationsign.com) | Yes | Consistency check bypass, gossip protocol manipulation |
| Static website (obligationsign.com) | Limited | XSS affecting logged-in users with governance data access; CSRF on authenticated endpoints only |
| Cryptographic implementation (agts-clearinghouse/lib/) | Yes — highest priority | ECDSA / Ed25519 signing errors, SHA-256 misapplication, canonical JSON non-conformance |
Out of scope: social engineering, physical attacks, attacks against Cloudflare infrastructure, attacks requiring compromised Sovereign Authority hardware, DoS/rate-limit bypass without demonstrated governance impact.
Response SLA
| Severity | Initial response | Status update | Fix target |
|---|---|---|---|
| Critical (log integrity, auth bypass) | 4 hours | 24 hours | 72 hours |
| High (validator manipulation, data exposure) | 24 hours | 48 hours | 7 days |
| Medium (denial of governance, rate limit bypass) | 48 hours | 1 week | 30 days |
| Low (informational, non-exploitable) | 1 week | 2 weeks | Next release |
Architectural security note
The transparency log is self-defending
The AGTS transparency log's security properties derive from the Merkle tree structure, not from ObligationSign's operational security. If ObligationSign's infrastructure were compromised, an attacker could not retroactively alter or remove an admitted leaf without breaking the Merkle consistency proof. Any monitor watching the log would detect the fork via the gossip protocol.
This means the most valuable security property — the immutability of the governance record — is not contingent on our operational security. Cryptographic self-defense is intentional.
The highest-value attack surface is the admission path: the clearinghouse workers that validate and submit governance envelopes. A compromise there could allow admission of invalid envelopes. This is why the log worker code is fully open source and the admission logic is fully specified in the normative specification.
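The note above rests on one mechanism: a monitor that holds an earlier signed tree head can demand a Merkle consistency proof for any later head, and that proof only verifies if the earlier tree is an untouched prefix of the later one. The following is an added example, not ObligationSign's or the agts-clearinghouse project's code, written against the RFC 6962 / RFC 9162 hashing and consistency-proof rules (0x00-prefixed leaf hashes, 0x01-prefixed node hashes, SHA-256). It assumes nothing about the AGTS leaf format; the `SAMPLE_LEAVES` bytes are constructed placeholders. `monitor_check()` plays the monitor's role: it accepts an honest growth of the log from size 3 to size 5, then rejects two operator-side tamperings of an already-admitted leaf (rewriting it, and deleting it), because in both cases the first-tree root recomputed from the proof no longer equals the root the monitor remembered.

```python
"""Merkle consistency proofs (RFC 6962 / RFC 9162 style).
Added example; not ObligationSign or agts-clearinghouse code."""
import hashlib


def _leaf_hash(data: bytes) -> bytes:
    # Domain separation: 0x00 prefix so a leaf can never be confused with a node.
    return hashlib.sha256(b"\x00" + data).digest()


def _node_hash(left: bytes, right: bytes) -> bytes:
    # Interior node: 0x01 prefix over the concatenated child hashes.
    return hashlib.sha256(b"\x01" + left + right).digest()


def _split(n: int) -> int:
    """Largest power of two strictly less than n (requires n >= 2)."""
    return 1 << ((n - 1).bit_length() - 1)


def root_hash(leaves: list[bytes]) -> bytes:
    """Merkle tree head (MTH) over the given ordered leaves."""
    if not leaves:
        return hashlib.sha256(b"").digest()
    if len(leaves) == 1:
        return _leaf_hash(leaves[0])
    k = _split(len(leaves))
    return _node_hash(root_hash(leaves[:k]), root_hash(leaves[k:]))


def consistency_proof(leaves: list[bytes], m: int, n: int) -> list[bytes]:
    """Node hashes proving the size-m tree is a prefix of the size-n tree."""
    if not (0 < m <= n <= len(leaves)):
        raise ValueError("need 0 < m <= n <= len(leaves)")
    return _subproof(m, leaves[:n], True)


def _subproof(m: int, d: list[bytes], b: bool) -> list[bytes]:
    # b is True while the subtree still lies entirely inside the first tree,
    # in which case its root is known to the verifier and is omitted.
    n = len(d)
    if m == n:
        return [] if b else [root_hash(d)]
    k = _split(n)
    if m <= k:
        return _subproof(m, d[:k], b) + [root_hash(d[k:])]
    return _subproof(m - k, d[k:], False) + [root_hash(d[:k])]


def verify_consistency(m: int, n: int, first_hash: bytes,
                       second_hash: bytes, proof: list[bytes]) -> bool:
    """Monitor-side check (RFC 9162 section 2.1.4.2): rebuild both roots
    from the proof and require each to match the published tree head."""
    if m == n:
        return not proof and first_hash == second_hash
    if m == 0 or m > n:
        return False
    path = list(proof)
    if (m & (m - 1)) == 0:          # first tree is a complete power-of-two tree
        path = [first_hash] + path  # so its root is itself the first proof node
    if not path:
        return False
    fn, sn = m - 1, n - 1
    while fn & 1:                   # skip over the shared rightmost complete subtree
        fn >>= 1
        sn >>= 1
    fr = sr = path[0]
    for c in path[1:]:
        if sn == 0:
            return False            # more proof nodes than the tree size allows
        if (fn & 1) or fn == sn:
            fr = _node_hash(c, fr)  # c is a left sibling shared by both trees
            sr = _node_hash(c, sr)
            if not (fn & 1):
                while fn != 0 and not (fn & 1):
                    fn >>= 1
                    sn >>= 1
        else:
            sr = _node_hash(sr, c)  # c is a right sibling present only in the second tree
        fn >>= 1
        sn >>= 1
    return fr == first_hash and sr == second_hash and sn == 0


# Constructed sample leaves; the real AGTS envelope encoding is not assumed.
SAMPLE_LEAVES = [f"envelope-{i}".encode() for i in range(5)]


def monitor_check() -> dict[str, bool]:
    """A monitor remembers the root at size 3, then receives the root at a
    later size plus a consistency proof, and decides whether the log grew
    append-only. Returns the verdict for an honest log and two tamperings."""
    honest = SAMPLE_LEAVES
    old_root = root_hash(honest[:3])             # tree head the monitor saw earlier
    ok_honest = verify_consistency(
        3, 5, old_root, root_hash(honest), consistency_proof(honest, 3, 5))

    rewritten = list(honest)                     # operator rewrites an admitted leaf
    rewritten[1] = b"envelope-1-tampered"
    ok_rewrite = verify_consistency(
        3, 5, old_root, root_hash(rewritten), consistency_proof(rewritten, 3, 5))

    deleted = honest[:1] + honest[2:]            # operator removes an admitted leaf
    ok_delete = verify_consistency(
        3, 4, old_root, root_hash(deleted), consistency_proof(deleted, 3, 4))
    return {"honest": ok_honest, "rewrite": ok_rewrite, "delete": ok_delete}


if __name__ == "__main__":
    print(monitor_check())  # {'honest': True, 'rewrite': False, 'delete': False}
```

The detection in the two failing cases comes from the `fr == first_hash` comparison: the proof the compromised log can produce reconstructs a size-3 root built from the altered leaves, which no longer matches the head the monitor retained. This is why the earlier tree head must be stored by parties outside the operator's control and exchanged over gossip; the check is only as strong as the monitor's memory of a head the operator cannot rewrite.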
PGP key for encrypted disclosures
Security advisories
Security advisories are published on GitHub at github.com/obligationsign/agts-clearinghouse/security/advisories after the fix is deployed.
No advisories published — the log is not yet live. Advisories will appear here and on GitHub as the infrastructure is deployed.