Skip to content

Security: open-covenant/covenant

Security

SECURITY.md

Security Policy

Covenant treats anything that can move value, alter execution rights on the daemon, or affect identity / capability / settlement integrity as in scope for responsible disclosure.

Supported versions

The latest main branch is in scope.

Once releases are cut, the latest released daemon and on-chain settlement program will remain in scope, plus the immediately previous release during the rollout window.

Reporting a vulnerability

Do not open a public issue for anything that could compromise keys, capability tokens, on-chain funds, audit-log integrity, or the daemon's enforcement boundary.

Preferred channels:

  1. GitHub private advisory: github.com/open-covenant/covenant/security/advisories/new
  2. Email: security@opencovenant.org

Include:

  • affected crate, binary, RPC route, or program
  • impact and realistic attacker outcome
  • minimal reproduction (commands, payloads, or transaction sequence)
  • suggested mitigation, if you have one

We aim to acknowledge within 48 hours and share an initial triage decision within 7 days.

Scope

In scope

  • daemon enforcement paths (capability checks, audit logging, agent dispatch)
  • identity and key management (covenant-identity)
  • capability sign / verify (covenant-permissions)
  • IPC and HTTP gateway authentication paths
  • on-chain settlement program (agent-os/programs/settlement)
  • agent runtime isolation boundary

Out of scope

  • spelling and copy issues
  • log-level / cosmetic bugs in the operator UI
  • third-party vulnerabilities that should be reported upstream
  • attacks that require prior compromise of the operator's machine or signing key

Severity

Severity Example
Critical unauthorized capability bypass, unsigned dispatch, on-chain fund loss, key extraction
High audit-log forgery, capability replay, settlement bypass
Medium logic flaw without direct loss of value
Low defense-in-depth or hardening issue

Severity is assigned by maintainers after triage.

There aren't any published security advisories