{"id":2311459,"date":"2026-02-17T19:23:30","date_gmt":"2026-02-17T19:23:30","guid":{"rendered":"https:\/\/aivaulttech.com\/?page_id=2311459"},"modified":"2026-02-17T19:23:30","modified_gmt":"2026-02-17T19:23:30","slug":"responsible-disclosure-vulnerability-disclosure-policy","status":"publish","type":"page","link":"https:\/\/aivaulttech.com\/sv\/responsible-disclosure-vulnerability-disclosure-policy","title":{"rendered":"Responsible Disclosure &#038; Vulnerability Disclosure Policy"},"content":{"rendered":"<p><strong>AI Vault Systems Inc.<\/strong> <br>(Verksamhet i USA och Europeiska unionen via AI Vault Iberia S.L.)<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">1. Syfte<\/h2>\n\n\n\n<p>AI Vault Systems Inc. (\u201cAI Vault\u201d, \u201cf\u00f6retaget\u201d, \u201cvi\u201d, \u201cv\u00e5r\u201d) uppr\u00e4tth\u00e5ller ett samordnat program f\u00f6r avsl\u00f6jande av s\u00e5rbarheter f\u00f6r att s\u00e4kerst\u00e4lla s\u00e4kerheten, integriteten och motst\u00e5ndskraften hos:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>V\u00e5r infrastruktur f\u00f6r AI-data<\/li>\n\n\n\n<li>Molnsystem och API:er<\/li>\n\n\n\n<li>Webb- och mobilapplikationer<\/li>\n\n\n\n<li>Smarta kontrakt och blockchain-integrationer<\/li>\n\n\n\n<li>Virdato (VIRD) ekosystem f\u00f6r verktygstoken<\/li>\n\n\n\n<li>Tokendistribution och bel\u00f6ningsmekanismer<\/li>\n<\/ul>\n\n\n\n<p>Vi st\u00f6der ansvarsfull s\u00e4kerhetsforskning och uppmuntrar samordnad information i enlighet med till\u00e4mplig amerikansk lag och EU:s f\u00f6rordning om marknader f\u00f6r kryptotillg\u00e5ngar (MiCA).<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">2. Lagstiftningskontext (EU MiCA &amp; USA)<\/h2>\n\n\n\n<p>AI Vault Systems Inc. har sitt s\u00e4te i Delaware (USA) och kan bedriva verksamhet eller erbjuda tj\u00e4nster inom Europeiska unionen.<\/p>\n\n\n\n<p>I till\u00e4mpliga fall utf\u00e4rdas Virdato (VIRD) som en&nbsp;<strong>verktygstoken<\/strong>&nbsp;enligt f\u00f6rordning (EU) 2023\/1114 (MiCA).<\/p>\n\n\n\n<p>I linje med MiCA:s krav:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>V\u00e4sentliga drifts- eller s\u00e4kerhetsincidenter som p\u00e5verkar ekosystemet f\u00f6r kryptotillg\u00e5ngar kan kr\u00e4va anm\u00e4lan till tillsynsmyndigheten.<\/li>\n\n\n\n<li>Betydande cybers\u00e4kerhetsh\u00e4ndelser kan kr\u00e4va att beh\u00f6riga EU-myndigheter informeras.<\/li>\n\n\n\n<li>S\u00e4kerhetsbrister som p\u00e5verkar tokeninnehavare kan kr\u00e4va transparent kommunikation.<\/li>\n<\/ul>\n\n\n\n<p>Ingenting i denna policy begr\u00e4nsar obligatoriska lagstadgade rapporteringsskyldigheter enligt:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>MiCA<\/li>\n\n\n\n<li>GDPR<\/li>\n\n\n\n<li>EU:s ramverk f\u00f6r cybers\u00e4kerhet<\/li>\n\n\n\n<li>federal eller delstatlig lagstiftning i USA<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">3. Omfattning<\/h2>\n\n\n\n<p>Denna policy g\u00e4ller f\u00f6r s\u00e5rbarheter som p\u00e5verkar:<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">A. AI-valvets datainfrastruktur<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>System f\u00f6r bearbetning av AI<\/li>\n\n\n\n<li>Skaparens bel\u00f6ningssystem<\/li>\n\n\n\n<li>Pipelines f\u00f6r datainh\u00e4mtning<\/li>\n\n\n\n<li>Backend-tj\u00e4nster och API:er<\/li>\n\n\n\n<li>System f\u00f6r autentisering<\/li>\n\n\n\n<li>Databaser<\/li>\n\n\n\n<li>Infrastruktur i molnet<\/li>\n\n\n\n<li>Analysverktyg<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">B. Virdato (VIRD) Ekosystem f\u00f6r verktygstoken<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Smarta kontrakt (alla n\u00e4tverk som st\u00f6ds)<\/li>\n\n\n\n<li>Logik f\u00f6r Token-anspr\u00e5k<\/li>\n\n\n\n<li>Algoritmer f\u00f6r bel\u00f6ningstr\u00f6sklar<\/li>\n\n\n\n<li>Valideringstj\u00e4nster utanf\u00f6r kedjan<\/li>\n\n\n\n<li>Instrumentpaneler f\u00f6r tokens<\/li>\n\n\n\n<li>Integrering av pl\u00e5nb\u00f6cker<\/li>\n\n\n\n<li>Token-distributionssystem<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">4. Niv\u00e5er f\u00f6r klassificering av incidenter<\/h2>\n\n\n\n<p>S\u00e4kerhetsincidenter klassificeras internt enligt f\u00f6ljande:<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">\ud83d\udd34 Kritisk<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Exploatering av smart kontrakt som m\u00f6jligg\u00f6r token-drain<\/li>\n\n\n\n<li>Otill\u00e5ten myntning eller inflation<\/li>\n\n\n\n<li>Kompromittering av privata nycklar<\/li>\n\n\n\n<li>Massexponering av personuppgifter<\/li>\n\n\n\n<li>Systemiskt intr\u00e5ng i infrastruktur<\/li>\n\n\n\n<li>Exploateringar som p\u00e5verkar tokenekonomin<\/li>\n<\/ul>\n\n\n\n<p>M\u00e5l f\u00f6r insatsen: Omedelbar inneslutning och akut sanering.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">\ud83d\udfe0 H\u00f6g<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>S\u00e5rbarheter vid eskalering av beh\u00f6righeter<\/li>\n\n\n\n<li>Kringg\u00e5ende av autentiseringskontroller<\/li>\n\n\n\n<li>Exponering av k\u00e4nsliga operativa data<\/li>\n\n\n\n<li>Betydande risk f\u00f6r manipulation av bel\u00f6ning<\/li>\n\n\n\n<li>St\u00f6rre API-utnyttjande<\/li>\n<\/ul>\n\n\n\n<p>M\u00e5l f\u00f6r \u00e5tg\u00e4rder: P\u00e5skyndad sanering och eventuell \u00f6versyn av lagstiftningen.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">\ud83d\udfe1 Medium<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Informationsspridning med begr\u00e4nsad effekt<\/li>\n\n\n\n<li>Icke-kritiska problem med logiken i smarta kontrakt<\/li>\n\n\n\n<li>F\u00f6rbikoppling av hastighetsbegr\u00e4nsning<\/li>\n\n\n\n<li>Mindre felber\u00e4kning av bel\u00f6ning<\/li>\n<\/ul>\n\n\n\n<p>M\u00e5l f\u00f6r \u00e5tg\u00e4rd: Planerad sanering.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h3 class=\"wp-block-heading\">\ud83d\udfe2 L\u00e5g<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Kosmetiska problem<\/li>\n\n\n\n<li>Icke-exploaterbara buggar<\/li>\n\n\n\n<li>Mindre svagheter i konfigurationen<\/li>\n<\/ul>\n\n\n\n<p>M\u00e5l f\u00f6r svar: Uppl\u00f6sning av underh\u00e5llscykel.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">5. Rapportering av en s\u00e5rbarhet<\/h2>\n\n\n\n<p>Om du identifierar en s\u00e5rbarhet samtycker du till att:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Meddela oss omg\u00e5ende p\u00e5:<br><strong><a>security@aivaultsystems.com<\/a><\/strong><\/li>\n\n\n\n<li>Tillhandah\u00e5lla:\n<ul class=\"wp-block-list\">\n<li>Detaljerad beskrivning<\/li>\n\n\n\n<li>Steg f\u00f6r att reproducera<\/li>\n\n\n\n<li>Ber\u00f6rda URL:er eller kontraktsadresser<\/li>\n\n\n\n<li>Transaktionshashar (om till\u00e4mpligt)<\/li>\n\n\n\n<li>Proof-of-concept-bevis<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Avst\u00e5 fr\u00e5n:\n<ul class=\"wp-block-list\">\n<li>Tillg\u00e5ng till anv\u00e4ndardata<\/li>\n\n\n\n<li>T\u00f6mning eller inmutning av polletter<\/li>\n\n\n\n<li>\u00c4ndra systemdata<\/li>\n\n\n\n<li>Genomf\u00f6ra tester f\u00f6r \u00f6verbelastningsskydd<\/li>\n\n\n\n<li>Utnyttja bel\u00f6ningssystem<\/li>\n\n\n\n<li>Manipulering av likviditetspooler<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Till\u00e5t rimlig tid f\u00f6r korrigering innan offentligg\u00f6rande.<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">6. Specifika regler f\u00f6r smarta kontrakt och tokens<\/h2>\n\n\n\n<p>F\u00f6r Virdato-relaterade s\u00e5rbarheter:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Inte genomf\u00f6ra token extraction eller likviditetsdr\u00e4nering<\/li>\n\n\n\n<li>Manipulera inte bel\u00f6ningstr\u00f6sklarna<\/li>\n\n\n\n<li>St\u00f6r inte f\u00f6rs\u00f6rjningen av token<\/li>\n\n\n\n<li>F\u00f6rs\u00f6k inte med ekonomiskt arbitrage<\/li>\n<\/ul>\n\n\n\n<p>Om en s\u00e5rbarhet p\u00e5verkar tokeninnehavare kr\u00e4vs samordnad information innan offentlig kommunikation.<\/p>\n\n\n\n<p>Otill\u00e5ten manipulation av token kan utg\u00f6ra bedr\u00e4geri eller marknadsmissbruk enligt EU- och amerikansk lag.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">7. S\u00e4ker hamn<\/h2>\n\n\n\n<p>AI Vault kommer inte att vidta r\u00e4ttsliga \u00e5tg\u00e4rder mot forskare som:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Handla i god tro<\/li>\n\n\n\n<li>Undvik kr\u00e4nkningar av den personliga integriteten<\/li>\n\n\n\n<li>Undvik ekonomiskt utnyttjande<\/li>\n\n\n\n<li>F\u00f6lja denna policy<\/li>\n<\/ul>\n\n\n\n<p>Safe harbor g\u00e4ller inte f\u00f6r:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Extrahering av symboler<\/li>\n\n\n\n<li>Manipulation av marknaden<\/li>\n\n\n\n<li>Datainsamling<\/li>\n\n\n\n<li>Avbrott i tj\u00e4nsten<\/li>\n\n\n\n<li>Avsiktlig ekonomisk vinning<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">8. Utredning och regulatorisk eskalering<\/h2>\n\n\n\n<p>Vid mottagande av en giltig rapport kommer vi att:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Bekr\u00e4fta mottagandet inom en rimlig tidsram<\/li>\n\n\n\n<li>Unders\u00f6ka och validera resultaten<\/li>\n\n\n\n<li>Klassificera allvarlighetsgrad<\/li>\n\n\n\n<li>\u00c5tg\u00e4rda bekr\u00e4ftade s\u00e5rbarheter<\/li>\n\n\n\n<li>Eskalera till juridisk granskning och granskning av efterlevnad om s\u00e5 kr\u00e4vs<\/li>\n\n\n\n<li>Underr\u00e4tta tillsynsmyndigheter om s\u00e5 kr\u00e4vs enligt MiCA eller till\u00e4mplig lag<\/li>\n<\/ul>\n\n\n\n<p>Om MiCA kr\u00e4ver anm\u00e4lan av en betydande incident som p\u00e5verkar innehavare av kryptotillg\u00e5ngar f\u00f6rbeh\u00e5ller sig AI Vault r\u00e4tten att meddela beh\u00f6riga myndigheter utan dr\u00f6jsm\u00e5l.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">9. Offentligg\u00f6rande av information<\/h2>\n\n\n\n<p>Forskare f\u00e5r inte offentligg\u00f6ra s\u00e5rbarheter f\u00f6rr\u00e4n:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Saneringen \u00e4r bekr\u00e4ftad, ELLER<\/li>\n\n\n\n<li>En \u00f6msesidigt \u00f6verenskommen tidsgr\u00e4ns f\u00f6r offentligg\u00f6rande har passerats<\/li>\n<\/ul>\n\n\n\n<p>F\u00f6r tidigt offentligg\u00f6rande som orsakar ekonomisk skada, st\u00f6rningar av symbolisk betydelse eller exponering f\u00f6r reglering kan upph\u00e4va safe harbor-skyddet.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">10. Ingen garanti f\u00f6r ekonomisk bel\u00f6ning<\/h2>\n\n\n\n<p>AI Vault kan efter eget gottfinnande erk\u00e4nna giltiga s\u00e4kerhetsavsl\u00f6janden.<\/p>\n\n\n\n<p>Det g\u00f6r inte denna policy:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Inr\u00e4tta ett bel\u00f6ningsprogram<\/li>\n\n\n\n<li>Skapa avtalsenliga skyldigheter<\/li>\n\n\n\n<li>Garantera ekonomisk ers\u00e4ttning<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">11. R\u00e4ttsligt meddelande<\/h2>\n\n\n\n<p>Denna policy ger inte tillst\u00e5nd:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Obeh\u00f6rig \u00e5tkomst till systemet<\/li>\n\n\n\n<li>Token-manipulation<\/li>\n\n\n\n<li>Ekonomiskt utnyttjande<\/li>\n\n\n\n<li>Kringg\u00e5ende av tekniska kontroller<\/li>\n\n\n\n<li>\u00d6vertr\u00e4delse av EU:s eller USA:s lagar om cybers\u00e4kerhet<\/li>\n<\/ul>\n\n\n\n<p>All testning m\u00e5ste ske inom lagliga gr\u00e4nser.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h2 class=\"wp-block-heading\">12. Kontaktuppgifter<\/h2>\n\n\n\n<p>S\u00e4kerhetsrapporter:<br>\u00a0<a>security@aivaultsystems.com<\/a><\/p>\n\n\n\n<p>F\u00f6retagsenhet:<br>AI Vault Systems Inc.<br>Delaware, F\u00f6renta staterna<\/p>\n\n\n\n<p>EU:s operativa n\u00e4rvaro:<br>AI Vault Iberia S.L i Barcelona, Spanien<\/p>","protected":false},"excerpt":{"rendered":"<p>AI Vault Systems Inc. (Operating in the United States and European Union via AI Vault Iberia S.L) 1. Purpose AI Vault Systems Inc. (\u201cAI Vault\u201d, \u201cCompany\u201d, \u201cwe\u201d, \u201cour\u201d) maintains a coordinated vulnerability disclosure program to ensure the security, integrity, and resilience of: We support responsible security research and encourage coordinated disclosure consistent with applicable U.S. [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-2311459","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/aivaulttech.com\/sv\/wp-json\/wp\/v2\/pages\/2311459","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/aivaulttech.com\/sv\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/aivaulttech.com\/sv\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/aivaulttech.com\/sv\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/aivaulttech.com\/sv\/wp-json\/wp\/v2\/comments?post=2311459"}],"version-history":[{"count":1,"href":"https:\/\/aivaulttech.com\/sv\/wp-json\/wp\/v2\/pages\/2311459\/revisions"}],"predecessor-version":[{"id":2281459,"href":"https:\/\/aivaulttech.com\/sv\/wp-json\/wp\/v2\/pages\/2311459\/revisions\/2281459"}],"wp:attachment":[{"href":"https:\/\/aivaulttech.com\/sv\/wp-json\/wp\/v2\/media?parent=2311459"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}