Validation

Completed, in-progress, and planned trust validation.

This page keeps internal proof, external review, and future compliance claims separate. Nothing is marked completed unless there is a public artifact or live audit result.

Return Home Metrics Vulnerability Disclosure Trust EvidenceEvidence Checklist

Completed

Internal and deployment validation already published.

Internal route audits

Status: completed. Healthcheck validates local/public spendability, portal, checkout, and service state.

Deep public audit

Status: completed. DRK, wL6ETH, marketplace, games, staking, dice, public APIs, and blocked sensitive APIs are checked.

Remote drift check

Status: completed. Remote nginx and tunnel routing are checked for the expected live port and route configuration.

Deployment verification

Status: completed. Nginx config test passed before reload; live routes returned 200 after deployment.

Proof captures

Status: completed. Screenshots and route/header/body artifacts are stored in ops proof bundles.

Public disclosure pages

Status: completed. Terms, privacy, risk disclaimer, vulnerability disclosure, metrics, founder, architecture, roadmap, and testimonials-status pages are live.

In Progress

Trust milestones that need third-party or real-user artifacts.

Third-party security review

Status: in progress target. Required artifact: reviewer, scope, date, findings, remediation status, and public report.

Penetration test

Status: in progress target. Required artifact: test scope, methodology, severity table, fixes, and retest result.

Public bug bounty

Status: in progress target. Vulnerability disclosure page is live; bounty scope and rewards are not yet published.

External code review

Status: in progress target. Required artifact: reviewed commit/repo scope, reviewer identity, issue list, and remediation notes.

First public case study

Status: in progress target. Required artifact: named user or organization, consent, use case, outcome, and evidence.

Adoption feeds

Status: in progress target. Required metrics: active users, verified members, capsules issued, checkouts, proof drops, retention.

Planned

Compliance milestones that are not claimed yet.

SOC 2

Status: planned. Not claimed. Requires formal controls, audit readiness, auditor engagement, and report publication.

ISO 27001

Status: planned. Not claimed. Requires ISMS scope, controls, audit, certification, and public certificate details.

Formal legal review

Status: planned. Public beta disclosures are live, but formal jurisdiction-specific legal review is not claimed.

Publication rule

No external validation is claimed until a public artifact exists.

This is intentionally strict. It prevents marketing language from getting ahead of evidence and makes the remaining trust gap visible to users, partners, and investors.

For the public publication tracker covering legal identity, reserve proof, liquidity proof, airdrop execution, adoption metrics, and incident history, see the Evidence Publication Checklist.