Issue №005
№ 005 / Security
Pre-TGE · prep mode

Boring on purpose.
Paranoid by design.

No audits to publish yet, no bounty pool funded, no production money in flight — because we haven't launched the surfaces that need them. This page describes how we'll get there, and how to reach us when you find something we missed.

§ 01 · Architecture

Non-custodial. By construction.

Keys
Stay with the user

Every on-chain action is signed by the user's own wallet. Bots execute under scoped session keys (EIP-7702 / Solana session-key pattern) with explicit allow-lists for programs, methods, recipient sets, per-tx caps, and TTL. No private key ever leaves the client.
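A deny-by-default check of a proposed transaction against a session key's scope, as an added example (not x3Web's signer code). The policy shape, field names and identifiers are assumptions constructed for illustration.

```javascript
// Hypothetical session-key scope: every field name and value is constructed.
const samplePolicy = {
  programs: new Set(["DexProgram1111"]),   // allow-listed programs
  methods: new Set(["swap"]),              // allow-listed methods
  recipients: new Set(["UserVault1111"]),  // allow-listed recipient set
  perTxCap: 5_000_000n,                    // per-tx cap, smallest token units
  expiresAt: 1_700_000_600,                // TTL as absolute unix seconds
};

// Returns every reason the transaction falls outside the scope.
// Nothing is signed unless the list is empty.
function checkSessionTx(policy, tx, nowSec) {
  const reasons = [];
  if (!Number.isInteger(nowSec) || nowSec >= policy.expiresAt) {
    reasons.push("session expired");
  }
  if (!policy.programs.has(tx.program)) reasons.push("program not allowed");
  if (!policy.methods.has(tx.method)) reasons.push("method not allowed");
  if (!policy.recipients.has(tx.recipient)) reasons.push("recipient not allowed");
  // Amounts are BigInt so large token values never lose precision.
  if (typeof tx.amount !== "bigint" || tx.amount < 0n) {
    reasons.push("amount malformed");
  } else if (tx.amount > policy.perTxCap) {
    reasons.push("amount over per-tx cap");
  }
  return { allowed: reasons.length === 0, reasons };
}
```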

Signer
Reproducible & open

The session-key signer ships as a tagged release with SHA-256 manifest. Builds are reproducible from source, signed with Sigstore / cosign, and verifiable against the published digest before install. Self-hosting supported.

Treasury
Multi-sig + timelock

All admin / upgrade actions are gated by an N-of-M multi-sig (hardware-key signers) behind a 48 h timelock. Signer set, threshold, and timelock parameters are published on-chain at TGE and any change runs through the same gate.

Contracts
Verified at deploy

Source verified on the canonical explorer at deploy. Deterministic build pipeline. Upgradeability via transparent-proxy pattern with timelocked admin. External audit commissioned before $X3AI TGE — firm, scope, and report linked here when signed off.

§ 02 · Infrastructure

How the rails are built. Down to the wire.

Network & edge
TLS 1.3 · HSTS · CSP

All traffic terminates on a Cloudflare edge with TLS 1.3 only, HSTS preload, OCSP stapling, and a strict Content-Security-Policy (script/style/img/connect explicit allow-lists, nonce-based inline). Bot-management + L3/L4 + L7 DDoS protection. WAF rules tuned for the generator surface.

Hosting & isolation
Multi-region · isolated

Application runs on Vercel (edge functions + serverless) across US/EU regions with automatic failover. RPC traffic routed through Helius (Solana) and Alchemy / dedicated nodes (EVM) with per-app rate limits. Generator workers run in isolated sandboxes — no shared file system across jobs.

Secrets
Vault · short-lived

No secret ever lives in a git repo, an env file, or a build log. All credentials are issued from a managed vault (Doppler / Vercel encrypted env), scoped per environment, rotated on a 90-day cadence, and revoked on any departure. Model-provider keys are short-lived and per-request scoped where the provider supports it.

Data at rest
AES-256 · encrypted

All databases (Postgres on Neon / Supabase) and object storage are encrypted at rest with AES-256, backed by daily point-in-time backups and a documented restore drill. PII is minimized — we collect a wallet address and prompt content, nothing more.

§ 03 · Application security

Hardened in the boring places. Where it counts.

Auth
SIWE / SIWS · sessions

Wallet-based auth via Sign-In with Ethereum / Solana. Short-lived JWT sessions (httpOnly, Secure, SameSite=Lax) with refresh rotation. No passwords stored, ever.

Input handling
Schema-validated

Every API request is parsed through a Zod schema. Server-rendered output is contextually escaped. Generator output is sandbox-rendered (sandboxed iframe with srcdoc + restricted permissions) so untrusted prompts can't pivot into our origin.
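How sandboxed srcdoc rendering keeps generator output off the host origin, as an added example (not x3Web's code). The function names and the permitted token set are assumptions; the key point is that a sandbox without allow-same-origin gives the frame an opaque origin.

```javascript
// Assumed set of sandbox tokens the renderer may grant. allow-same-origin is
// deliberately absent: combined with allow-scripts it would let framed code
// run in the embedding origin and undo the isolation.
const PERMITTED_TOKENS = new Set(["allow-scripts", "allow-forms"]);

// Escape for a double-quoted HTML attribute so markup in the generated
// document cannot terminate the srcdoc value.
function escapeAttr(value) {
  return String(value)
    .replace(/&/g, "&amp;")
    .replace(/"/g, "&quot;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;");
}

// Build the iframe markup for untrusted generator output.
function buildSandboxedFrame(untrustedHtml, tokens = ["allow-scripts"]) {
  for (const token of tokens) {
    if (!PERMITTED_TOKENS.has(token)) {
      throw new Error(`sandbox token not permitted: ${token}`);
    }
  }
  return (
    `<iframe sandbox="${tokens.join(" ")}" referrerpolicy="no-referrer" ` +
    `srcdoc="${escapeAttr(untrustedHtml)}"></iframe>`
  );
}
```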

Rate limits
Per-wallet · per-IP

Token-bucket limits at the edge (Cloudflare) and at the application layer (Upstash Redis). Per-wallet, per-IP, and per-route. Abusive prompts hit a model-side moderation pass before generation.
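A token-bucket check across the wallet, IP and route dimensions, as an added example (not x3Web's code). An in-memory Map stands in for Redis; the limits and the choice to key the route bucket per wallet are assumptions. A request denied on one dimension consumes no tokens from the others.

```javascript
// Assumed limits: burst capacity and steady refill rate per dimension.
const LIMITS = {
  wallet: { capacity: 5, refillPerSec: 1 },
  ip: { capacity: 10, refillPerSec: 2 },
  route: { capacity: 3, refillPerSec: 0.5 },
};
const buckets = new Map(); // stand-in for the shared Redis store

// Bring a bucket up to date for the current time and return it.
function refill(key, limit, nowMs) {
  const b = buckets.get(key) ?? { tokens: limit.capacity, last: nowMs };
  const elapsedSec = Math.max(0, nowMs - b.last) / 1000; // ignore clock skew
  b.tokens = Math.min(limit.capacity, b.tokens + elapsedSec * limit.refillPerSec);
  b.last = Math.max(b.last, nowMs);
  buckets.set(key, b);
  return b;
}

// Allow only if every dimension has a token, then spend one from each.
function allowRequest({ wallet, ip, route }, nowMs) {
  const touched = [
    refill(`wallet:${wallet}`, LIMITS.wallet, nowMs),
    refill(`ip:${ip}`, LIMITS.ip, nowMs),
    refill(`route:${route}:${wallet}`, LIMITS.route, nowMs),
  ];
  if (touched.some((b) => b.tokens < 1)) return false;
  for (const b of touched) b.tokens -= 1;
  return true;
}
```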

RBAC & access
Least privilege

Production access is SSO + hardware-key MFA only. No human has standing read on user data — break-glass access is JIT-approved and logged. Service accounts are scoped per function with explicit IAM grants.

Dependencies
Pinned · scanned

Lockfile-pinned. Renovate bot opens upgrade PRs. Dependabot + Socket scan every PR for known CVEs and supply-chain risk (typosquats, install-time scripts). High-severity findings block merge.

CI / CD
Signed releases

CI on GitHub Actions with OIDC-issued cloud creds (no long-lived tokens). Release artifacts are SHA-pinned and signed with Sigstore cosign. Production deploys require a PR review and a green security check.

§ 04 · Operations

Logged, alerted, drilled.

Logging
Structured · centralized

Structured JSON logs from every service shipped to a central sink (Axiom / Logtail). 30-day hot retention, 1-year cold. PII scrubbed at the source. Request-scoped trace IDs for end-to-end correlation.

Monitoring
Sentry · uptime · on-call

Sentry for app errors, BetterStack for uptime, custom Grafana boards for RPC latency & queue depth. PagerDuty rotation, 15-min response SLO for sev-1, public status page at status.x3web.ai when live.

Incident response
Playbooks · post-mortems

Written runbooks for key failure modes (RPC outage, model-provider outage, suspected key compromise). Blameless post-mortems on every sev-1, published within 7 days.

§ 05 · Disclosure & bounty

Find a hole. Get credit.

Coordinated disclosure
security@x3web.ai

PGP key on this page at launch. We acknowledge within 24 h, triage within 72 h, and agree a fix + disclosure window with you. Public credit when patched, unless you'd rather stay anonymous.

Planned · At $X3AI TGE
Public bounty

A tiered bounty on a recognized platform launches with TGE — paid in stablecoin, reward bands published then. No pool is funded yet; until then, responsible reporters are recognized in the launch notes.

§ 06 · Compliance · planned
SOC 2 · planned post-TGE
GDPR · in scope
CCPA · in scope
Encryption at rest · standard practice

No certifications are claimed yet. Anything listed above is on the work plan, not on the wall. Real certificates and scopes will appear here once issued.