The Phosphorus31 (P31) Andromeda Ecosystem is an actively maintained open-source assistive technology platform.
| Version | Supported |
|---|---|
| 1.0.x | ✅ |
| < 1.0.x | ❌ |
DO NOT OPEN A PUBLIC ISSUE FOR SECURITY VULNERABILITIES.
If you discover a security vulnerability within the P31 Ecosystem, the Dual-Ledger economy, or the KILO/KWAI node architecture, please send an encrypted transmission directly to the Lead Architect:
Email: trimtab.signal@proton.me
Response SLA: We will acknowledge receipt of your vulnerability report within 48 hours.
P31 Labs strongly supports independent security research. We will not pursue legal action against researchers who discover vulnerabilities, provided they:
- Do not exploit the vulnerability beyond what is necessary to prove its existence.
- Do not expose, delete, or alter user data (specifically Spoons, Karma, or Genesis Identities).
- Provide us a reasonable amount of time (minimum 30 days) to patch the vulnerability before public disclosure.
| Severity | Response Time | Public Disclosure |
|---|---|---|
| Critical (CVSS 9-10) | 24 hours | 30 days |
| High (CVSS 7-8.9) | 72 hours | 45 days |
| Medium (CVSS 4-6.9) | 7 days | 60 days |
| Low (CVSS 0-3.9) | 30 days | 90 days |
For security inquiries: trimtab.signal@proton.me
This policy aligns with ISO/IEC 29147 (Vulnerability Disclosure) and ISO/IEC 30111 (Vulnerability Handling Processes).