Security

SECURITY.md

Security Policy

Scope

AEK is the canonical kernel / verifier / vectors repository.

Security-sensitive areas include:

verifier correctness
canonicalization stability
vector determinism
schema version integrity
forged or unverifiable outcomes
bypass of refusal / defer semantics

Reporting

Please report vulnerabilities privately.

Do not open public issues for:

forged verification success
canonicalization mismatches that alter outcome truth
vector tampering or substitution
verifier bypass
acceptance of invalid receipts or invalid chains

Please include:

affected commit or tag
reproduction steps
expected behavior
observed behavior
security impact

There aren’t any published security advisories