Security at VettID

How to report

Email us at the address below. Encrypt with the PGP key further down if your report contains exploit details, user identifiers, or anything you wouldn't want in a mailbox compromise.

Acknowledgement target: 72 hours. Triage + fix timeline depends on severity — see below.

What to include

• What you found — type of issue, affected component, version / git SHA if you have one.
• How you found it — steps to reproduce, proof-of-concept if available.
• What an attacker could do with it — your read on impact.
• Any thoughts on remediation (optional but appreciated).

Scope

In scope for disclosure:

• The enclave (vault-manager, supervisor, parent process) and its attestation chain.
• The mobile app (Android, iOS) — credential handling, pairing, session crypto, key storage.
• The desktop app (Tauri) — session establishment, capability gating, IPC.
• The agent connector — pairing flow, LEASH signing, message encryption.
• API endpoints under api.vettid.dev and JetStream messaging at nats.vettid.dev.
• The web surfaces at vettid.dev.

Out of scope:

• Denial-of-service issues against unmoderated public endpoints.
• Findings that require physical access to an already-unlocked device.
• Social engineering of operators or other users.
• Issues in third-party dependencies that don't materially affect VettID's threat model — report those upstream first, then us if there's a VettID-specific configuration issue.
• Reports generated by automated scanners without a verified impact analysis.

Severity and response

• Critical (remote key extraction, attestation bypass, owner-data exposure): immediate triage, hotfix within days.
• High (privilege escalation, capability bypass, session key compromise vectors): triage in 72 hours, fix in days.
• Medium (incomplete isolation, sensitive metadata leakage, auth quality issues): triage in a week, fix in the next deploy cycle.
• Low (defense-in-depth gaps, hardening): triage on a best-effort basis.

We will keep you in the loop through triage, fix, and deploy. If you want public credit on a published advisory, say so in your report.

Safe harbor

We will not pursue legal action against researchers who:

• Make a good-faith effort to avoid privacy violations, service interruption, or data destruction during research.
• Give us a reasonable window to remediate before public disclosure.
• Don't access, modify, or destroy data belonging to other users.
• Don't run automated tooling that materially affects service availability.

If you're not sure whether something you want to try falls within these guidelines, email us first.

PGP key

The fingerprint and full ASCII-armored block are below. The same key is published to keys.openpgp.org for verification.

Copy the block below and import with gpg --import. The same key is also published to the Proton key directory (auto-fetched by gpg --auto-key-locate wkd security@vettid.org) for cross-verification.

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: ProtonMail

xjMEahS+BxYJKwYBBAHaRw8BAQdABGU4csmGUZsEkB11Y3anH1Hnn0YoQsPC
7J4F3VUKX2TNKVNlY3VyaXR5QHZldHRpZC5vcmcgPFNlY3VyaXR5QHZldHRp
ZC5vcmc+wsARBBMWCgCDBYJqFL4HAwsJBwkQFSOMA7QE2utFFAAAAAAAHAAg
c2FsdEBub3RhdGlvbnMub3BlbnBncGpzLm9yZ75OD21JsyGQ2ZExpa44dE+V
TKTQnElEsbCdVhKRI4ziAxUKCAQWAAIBAhkBApsDAh4BFiEE4jqD1ngoLNee
leX3FSOMA7QE2usAAJQ6AP9IdAUyA104D7TMmChgR6PyopWHjjnE5E7TA81P
fkrLPAEArrnwYBLo75n5wvUZijDFotiQYtcqhEtfd2dW+/VktwjCwB4EEBYI
AJAFgmoUvkMFgwDtTgAJENgGwa9ZeOjHNRQAAAAAABwAEHNhbHRAbm90YXRp
b25zLm9wZW5wZ3Bqcy5vcmcOkqeC8y8+0pMk2wm0RnKSLBxvcGVucGdwLWNh
QHByb3Rvbi5tZSA8b3BlbnBncC1jYUBwcm90b24ubWU+FiEECoZS/l1TOGBX
iZ/p2AbBr1l46McAAGDEAQCtUWPkQVWsQrBRRGGyBICUr+6tSW11TcyVoJh1
Ylyp8QD9EI5YT7Au2h0bcpkmWYFek4qVEiESqdtiDrHJObGqKgjOOARqFL4H
EgorBgEEAZdVAQUBAQdAGmt3mrBESbspOJCVKm0wyU4iwPdO7YDBfr8wc9zE
TjIDAQgHwr4EGBYKAHAFgmoUvgcJEBUjjAO0BNrrRRQAAAAAABwAIHNhbHRA
bm90YXRpb25zLm9wZW5wZ3Bqcy5vcmcjbF1qe03HyUX8l5gXCaW+qZmA6HWp
KyIuXBYJv9anCQKbDBYhBOI6g9Z4KCzXnpXl9xUjjAO0BNrrAABGcgD/Tm0K
dfUPJp1chfcTSDeC7O4JCyaDLFrTpBgfNxobpSgBALaLBd69bz7GrelAbCQa
4NmY7qOgnCF9OITO5oZgl98F
=9vw7
-----END PGP PUBLIC KEY BLOCK-----

What we log

Honest disclosure of what the operator side can see:

• Host journal (AWS EC2 parent process): NATS routing metadata — your owner_space GUID, operation subjects, message types, response sizes, timing. No payload content. Default level is WARN+; the on-call can elevate to DEBUG for incident triage.
• Enclave (where your plaintext lives): no external logging. Goroutine-stack diagnostics only on detected stalls; they do not contain buffer contents.
• DynamoDB tables: enrollment metadata (pseudonymous), proposal/vote records (anonymized for published artifacts), LEASH attestation pubkeys (public by design), LEASH issuance log (jti + scope + expiry for revocation lookup).
• S3: encrypted vault databases (one per user; opaque to operator).

What the operator cannot see: any decrypted payload, your vault contents, your session keys, your credential values. The enclave's attestation chain is what makes this enforceable rather than a promise.