Incident Response

Security reporting and incident handling.

This page defines how incidents are classified, how reports should be sent, and what public response users should expect.

Return Home Trust Evidence Hub Security Launch Readiness

Reporting

How to report a security issue.

Disclosure channel

Status: Published

Security issues can be reported to ops@atomic-a-i.cloud until a separate security mailbox or bug-bounty route is published.

Responsible reporting

Reports should include affected route, wallet flow, proof route, transaction hash if relevant, and exact reproduction steps.

Public claim rule

No staffed bug bounty, SOC 2 desk, or independent response retainer is claimed until linked publicly.

Classification

Incident severity model.

Critical

Custody, contract, treasury, or domain compromise with possible loss or unauthorized control.

High

Authentication, route bypass, settlement, or write-surface weakness with material impact.

Medium

Protected route confusion, proof drift, or sensitive workflow weakness without immediate custody loss.

Low

Presentation, wording, or non-sensitive route issue with limited operational impact.

Status View

Public status and trust surfaces tied back to incident handling.

Atomic AI ecosystem dashboard showing status, explorer, docs, and other public trust surfaces.

Response Targets

Expected handling targets.

Acknowledge

Target: within 24 hours for critical or high-severity reports after publication of a formal reporting channel.

Contain

Target: immediate route review, rate limits, session revocation, or page-state changes for active abuse surfaces.

Notify

Target: public status notice when user funds, trust evidence, or public routes are materially affected.

Review

Target: publish remediation status or claim boundary updates after containment.

Status Routing

What public users should expect during an incident.

The public site should move affected routes into review or paused state, keep trust claims bounded, and direct users back to the trust evidence hub until the issue is resolved.

Public Incident History

Visible even when the count is zero.

3 June 2026

No publicly disclosed security incident is published at this time.

Publication rule

If a material route, wallet, treasury, or trust issue affects users, this page and the public status route should be updated together.

Status link

Use the status page for current route health and the founder updates trail for dated public changes.