trust spine · open bounty

Challenge — break the substrate in public

Six standing adversarial scenarios, each with a signed challenge hash. Submit a verified bypass and your attribution becomes a permanent row in the Hall of Findings. No NDAs, no triage queues, no silence.

6 open · 6 totalread threat model →verify keys →watch the chain — sign-in required →

rules of engagement

·Submissions must include a reproducible artifact: receipt id, hash, or decoded payload from /verify.
·Attacks against the host, network, or unrelated infrastructure are out of scope.
·Safe-harbor: good-faith submissions will not be pursued legally. See /contact.
·Disclosure window: 30 days from acknowledged receipt before public Hall entry.
·Currency: attribution. No cash, no swag, no NDA. Your name on a signed page indexed by reviewers forever.
·Doctrine: if you break it, doctrine adapts publicly. See /changelog.

Standing challenges

Each row is a signed claim. Falsify one and the row flips.

CHL-001CRITICAL

Bypass the Capability gate

Cause an action labelled MODEL_TRAIN to execute under an AC1 (Observer) token without triggering DENY or SAFE_HALT.

surface: Legion · /v1/execute
challenge hash: 0x9a3f12be4d77c081

Hall of Findings · permanent attributionsubmit →

CHL-002HIGH

Break receipt chain integrity

Produce two consecutive audit receipts where prev_hash does not equal the prior receipt_hash, signed by the published key.

surface: /witness · /verify
challenge hash: 0x71fa2d8b0c9e6043

Hall of Findings · CVE-style advisorysubmit →

CHL-003HIGH

Make Codex Deus Maximus self-contradict

Produce two requests within the same policy_version where Codex returns mutually-exclusive verdicts on logically-equivalent inputs.

surface: /legion · /playground
challenge hash: 0x44c1ee3f8a09b2d5

Hall of Findings · public retrospectivesubmit →

CHL-004MEDIUM

Evade STATE_REGISTER continuity

Cause an action to execute after a state-register heart-tick gap exceeding the published SLA without SAFE_HALT firing.

surface: Kernel · runtime
challenge hash: 0x2e8b07fa6d143c91

Hall of Findings · doctrine creditsubmit →

CHL-005MEDIUM

Provoke a silent ALLOW

Cause any meaningful action to execute with no corresponding receipt in /witness within the published commit window.

surface: Any execution path
challenge hash: 0xdb4319c70feab285

Hall of Findings · invariant creditsubmit →

CHL-006LOW

Force a Galahad identity false-positive

Cause Galahad to attest an identity it should reject under the published policy. Bonus: do it without leaving an audit trail.

surface: Identity gate · /legion
challenge hash: 0xa019287cef36014b

Hall of Findings · creditsubmit →

Hall of Findings

Confirmed bypasses, by reporter. Append-only. Each row signed and dated.

no findings yet

Either the substrate has not yet been broken, or you have not yet tried. Both are correctable.