← Security

Security Policy

Last updated: 2026-05-05 — Disclosure timeline: 90 days standard

Scope

The following systems and components are in-scope for vulnerability reports:

• api.pqsafe.xyz — the AP2-PQ Cloudflare Worker (verify, revoke, audit endpoints)
• All @pqsafe/* npm packages: agent-pay, openclaw, mcp-server, mastra
• PyPI packages: pqsafe-agent-pay, langchain-pqsafe, crewai-pqsafe
• Smart contract 0x142bA5626bf8B032EB0B59052421C42595417F5d (SpendEnvelopeRegistry on Arbitrum Sepolia)
• ClawHub skill pqsafe-pay
• This website (pqsafe.xyz)

In-Scope Vulnerability Classes

• ML-DSA-65 signature forgery or bypass
• Replay attacks against SpendEnvelopes
• Audit-log tampering or hash-chain break
• Spend-cap bypass (executing above the authorised limit)
• Recipient-allowlist bypass (paying an unauthorised recipient)
• Key-rotation flaws (old key accepted after rotation)
• Dependency CVEs with exploitable impact on in-scope components
• Authentication or authorisation bypass on revocation endpoint
• Nonce replay allowing double-spend

Out of Scope

• Third-party payment rails (Stripe, Airwallex, Wise) — report directly to those providers
• Social engineering and phishing attacks
• Physical attacks
• Theoretical vulnerabilities with no practical exploit path
• Vulnerabilities in OFAC-sanctioned jurisdictions where we cannot legally engage
• Rate-limiting and denial-of-service without cryptographic impact

---

Disclosure Timeline

We follow a 90-day coordinated disclosure timeline. We ask that you:

• Report via GitHub Security Advisories or [email protected]
• Allow us 90 days to investigate, patch, and ship a fix before public disclosure
• Coordinate the disclosure date with us if a fix requires more time

We will acknowledge receipt within 3 business days and provide a status update within 14 days.

Bug Bounty

Immunefi program launching May 2026

A formal Immunefi bug bounty program is planned for May 2026, covering the AP2-PQ Worker, SpendEnvelopeRegistry contract, and core SDK packages. Reward tiers will be published with the program launch.

Until the Immunefi program is live, we acknowledge all valid critical and high-severity reports in our Hall of Fame.

Hall of Fame

Researchers who responsibly disclose valid vulnerabilities are recognised in our Acknowledgments page (with their consent).

---

Contact

• Sensitive reports: GitHub Security Advisories (encrypted, private)
• General security questions: [email protected]
• Machine-readable policy: /.well-known/security.txt (RFC 9116)