Disclosure Model
If you identify a security flaw or vulnerability within any QXS platform, compiler, or subdomain, please notify us immediately through our encrypted channels.
Trust & Safety
Security disclosure policy
We prioritize platform safety and maintain open, structured channels for responsible vulnerability reporting.
Responsible reporting
Reports should include exact component paths, compilable reproduction steps, potential impact analysis, and any diagnostic proof-of-concept logs.
Contact details
Security Contact:
security@qxs-foundations.org.in
Vulnerability Reporting:
vulnerability@qxs-foundations.org.in
Our Commitment
How we respond
We take security seriously and recognize the crucial role of independent security researchers. We do not prosecute or blacklist reporters who act in good faith and follow responsible disclosure standards.
Upon receiving a report, our engineering team immediately starts triage. We work directly with you to coordinate a secure patch schedule and provide appropriate credit upon public release.
Guidelines
Response Timeline
- 72-Hour acknowledgement: Immediate receipt confirmation and initial triage assessment.
- Coordinated disclosure: We collaborate on fixes and resolve issues before public disclosure.
- User safety first: We prioritize immediate hotfix releases to protect live user nodes.