# Qryptonic Security Vulnerability Disclosure Policy
# https://securitytxt.org/

Contact: mailto:security@qryptonic.com
Expires: 2027-01-01T00:00:00.000Z
Encryption: https://qryptonic.com/.well-known/pgp-key.txt
Preferred-Languages: en
Canonical: https://qryptonic.com/.well-known/security.txt
Policy: https://qryptonic.com/trust-center#vulnerability-disclosure

# Scope
# In-scope: *.qryptonic.com, Qryptonic platform APIs
# Out-of-scope: Third-party services, social engineering, physical attacks

# Safe Harbor
# We will not pursue legal action against researchers who:
# - Act in good faith to avoid privacy violations and data destruction
# - Promptly report vulnerabilities and do not publicly disclose before resolution
# - Do not access or modify data belonging to others
# - Do not degrade service availability

# Acknowledgments
Acknowledgments: https://qryptonic.com/trust-center#security-acknowledgments