
How we protect you

The chain settles it.
Not the phone call.

When something goes wrong, you don't argue with us. You walk the signed event chain. The bytes tell the story — and the story can't be edited after the fact.

The posture

Six positions we don't move from.

  • Encrypted in transit + at rest

    TLS 1.3 with rustls (no OpenSSL surface). AES-256-GCM at rest. Argon2 for password hashing.

  • Signed events end-to-end

    Ed25519 on every state change. The rider, the driver, and the platform all verify the same record. Read /trust for the chain walkthrough.

  • DIDs, not passwords

    Every agent + driver + tenant carries a W3C did:oas DID rooted in a human signing key. No reused-password attack surface for autonomous identities.

  • Capability tokens (ACTs)

    Scoped, expiring, revocable. Arsenal mints them; every API surface verifies them. No long-lived bearers.

  • Sigil anchoring

    City pause, refund cap exceeded, driver bond revocation — all anchored on Sigil with a Rekor URL surfaced on the ops console.

  • Bug bounty + responsible disclosure

    security@l1fe.ai. PGP key fingerprint published in the spec. One business day response; safe-harbor for good-faith research.

Quiet certainty

Sealed
and signed.

Every weave envelope is canonical-JSON, signed at the device, and stored unchanged. The bytes you receive over webhook are the bytes the chain anchors.
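As an added illustration of the envelope model described above (this is example code written for this page, not l1fe's own weave implementation), the following Go program builds a small event chain: each event body is serialized to deterministic JSON, signed with Ed25519 at the point of creation, stored as the exact signed bytes, and back-linked to the SHA-256 of the previous envelope. The field names, the hash linkage and the use of Go's `json.Marshal` (fixed struct field order, sorted map keys) as a stand-in for full canonical JSON are assumptions made for the example; a production envelope would pin serialization with RFC 8785 (JCS). Verification walks the stored bytes and fails the moment a record has been edited after signing or a link no longer matches.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
)

// Event is the body that gets signed. The struct fixes the JSON field order and
// json.Marshal emits map keys sorted, so the same event always serializes to the
// same bytes (a simplified canonical JSON; real systems should use RFC 8785 JCS
// to also pin number formatting and string escaping). Field names are assumed.
type Event struct {
	Seq     int               `json:"seq"`
	Prev    string            `json:"prev"` // hex SHA-256 of the previous envelope's signed bytes, "" for genesis
	Kind    string            `json:"kind"` // constructed event names such as "ride.started"
	Payload map[string]string `json:"payload"`
}

// Envelope is what is stored and delivered over a webhook: the exact signed
// bytes plus the signature. The body is never re-serialized after signing.
type Envelope struct {
	Body json.RawMessage `json:"body"`
	Sig  []byte          `json:"sig"` // Ed25519 signature over Body
}

func hashOf(b []byte) string {
	h := sha256.Sum256(b)
	return hex.EncodeToString(h[:])
}

// Append signs a new event that links to the last envelope and returns the extended chain.
func Append(chain []Envelope, priv ed25519.PrivateKey, kind string, payload map[string]string) ([]Envelope, error) {
	prev := ""
	if n := len(chain); n > 0 {
		prev = hashOf(chain[n-1].Body)
	}
	body, err := json.Marshal(Event{Seq: len(chain), Prev: prev, Kind: kind, Payload: payload})
	if err != nil {
		return nil, err
	}
	return append(chain, Envelope{Body: body, Sig: ed25519.Sign(priv, body)}), nil
}

// VerifyChain walks every envelope in order, checking the signature over the stored
// bytes and the back-link to the previous record. It returns how many envelopes
// verified before the first failure, so a caller can see exactly where the story breaks.
func VerifyChain(chain []Envelope, pub ed25519.PublicKey) (int, error) {
	prev := ""
	for i, env := range chain {
		if !ed25519.Verify(pub, env.Body, env.Sig) {
			return i, fmt.Errorf("event %d: signature does not match stored bytes", i)
		}
		var ev Event
		if err := json.Unmarshal(env.Body, &ev); err != nil {
			return i, fmt.Errorf("event %d: %w", i, err)
		}
		if ev.Seq != i || ev.Prev != prev {
			return i, fmt.Errorf("event %d: chain link broken (seq=%d prev=%q)", i, ev.Seq, ev.Prev)
		}
		prev = hashOf(env.Body)
	}
	return len(chain), nil
}

func main() {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	// Constructed sample events for a single ride.
	var chain []Envelope
	chain, _ = Append(chain, priv, "ride.started", map[string]string{"ride": "r-001", "fare": "12.50"})
	chain, _ = Append(chain, priv, "ride.completed", map[string]string{"ride": "r-001"})
	chain, _ = Append(chain, priv, "refund.issued", map[string]string{"ride": "r-001", "amount": "2.00"})
	n, err := VerifyChain(chain, pub)
	fmt.Println("verified:", n, "error:", err)

	// Edit a stored record after the fact: the signature no longer covers the bytes.
	chain[2].Body = bytes.Replace(chain[2].Body, []byte(`"2.00"`), []byte(`"200.00"`), 1)
	n, err = VerifyChain(chain, pub)
	fmt.Println("verified:", n, "error:", err)
}
```

The point to notice is that verification never re-encodes anything: it checks the bytes that were stored, which is why storing the envelope unchanged matters as much as signing it. Re-serializing on the way out (pretty-printing, reordering keys) would break every signature even without malicious tampering.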

Reporting a vulnerability

Email security@l1fe.ai.

We accept reports in English, PGP-encrypted only. Include the URL, the reproduction steps, and the impact you can demonstrate. We acknowledge within 24 hours; the resolution SLA depends on severity (P0 within 24h, P1 within 7d, P2 within 30d).

Safe harbor.

Good-faith research conducted within scope (production domains, no PII exfiltration beyond proof, no service disruption) is not pursued legally. We follow the principles of the disclose.io safe-harbor framework.

Hall of fame.

Researchers who report a valid vulnerability — and ask to be credited — are listed on this page after the fix ships and the embargo lifts. The first names appear when the program goes live.

Related

Trust, compliance, insurance.

See Trust for the signed-event walkthrough, Compliance for the eight frameworks, Insurance for the rideshare 3-period state machine.