Security Vault (upcoming)

1 · Purpose

Security Vault is envisioned as HackAI’s “source of truth.” Once an exploit has been reproduced in the Adversarial Sandbox and the model owner has shipped a fix, the Vault will record that pair permanently. Anyone (developers, regulators, users) can query the Vault to see:

  • which model versions were vulnerable,

  • who found the exploit,

  • when the patch went live, and

  • whether the model is still safe to use.


2 · Minimum feature set (first release)

All metadata lives on-chain; large artefacts (logs, diffs) stay in off-chain storage referenced by content hash.


3 · Example lifecycle (concept)

  1. Exploit accepted: Bounty Hub releases payout; exploit ID #123 created.

  2. Patch uploaded: Model owner submits fix diff; Vault links #123 → patch ID #124.

  3. Certification: Vault mints a “Patched” NFT, timestamped on Solana.

  4. Deprecation: Old model hash is automatically labeled Unsafe in the public registry.

  5. Query: Any user or script can call the Vault API to verify a model’s current status.
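The lifecycle above, modelled in Python as an added example (not HackAI's code): an in-memory stand-in for the Vault walks steps 1 to 5, with the Solana ledger and NFT minting replaced by a dict and a caller-supplied timestamp, and IDs following the #123/#124 numbering used in the text. The check a practitioner would keep is the one in step 2: an off-chain diff is accepted only if its bytes match the content hash it is referenced by, so the on-chain record cannot point at an artefact that was swapped after the fact.

```python
import hashlib
from dataclasses import dataclass, field


def content_hash(artifact: bytes) -> str:
    """Content address for an off-chain artefact (exploit log or fix diff)."""
    return hashlib.sha256(artifact).hexdigest()


@dataclass
class Vault:
    """Hypothetical in-memory stand-in for the on-chain registry."""
    exploits: dict = field(default_factory=dict)      # exploit_id -> record
    patches: dict = field(default_factory=dict)       # patch_id -> record
    model_status: dict = field(default_factory=dict)  # model_hash -> label
    next_id: int = 123                                # first ID matches the text

    def _new_id(self) -> int:
        self.next_id += 1
        return self.next_id - 1

    def accept_exploit(self, model_hash: str, finder: str, log: bytes) -> int:
        # Step 1: exploit recorded; the log stays off-chain, only its hash is kept.
        eid = self._new_id()
        self.exploits[eid] = {"model": model_hash, "finder": finder,
                              "log_hash": content_hash(log), "patch": None}
        self.model_status[model_hash] = "Vulnerable"
        return eid

    def upload_patch(self, exploit_id: int, diff: bytes,
                     diff_hash: str, new_model_hash: str) -> int:
        # Step 2: refuse a diff whose bytes do not match the hash it is referenced by.
        if content_hash(diff) != diff_hash:
            raise ValueError("diff does not match its content hash")
        pid = self._new_id()
        self.patches[pid] = {"fixes": exploit_id, "diff_hash": diff_hash,
                             "new_model": new_model_hash, "certified_at": None}
        self.exploits[exploit_id]["patch"] = pid
        return pid

    def certify(self, patch_id: int, timestamp: str) -> None:
        # Steps 3 and 4: label the patched model and retire the vulnerable one.
        p = self.patches[patch_id]
        self.model_status[p["new_model"]] = "Patched"
        self.model_status[self.exploits[p["fixes"]]["model"]] = "Unsafe"
        p["certified_at"] = timestamp

    def status(self, model_hash: str) -> str:
        # Step 5: the query an app or marketplace runs before loading a model.
        return self.model_status.get(model_hash, "Unknown")
```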


4 · Why it matters

  • Permanent memory: No more lost PDF reports or private e-mails—everything is auditable.

  • Instant trust signals: Apps and marketplaces can reject unsafe model hashes automatically.

  • Regulatory ready: Provides the continuous risk-tracking trail that new AI laws require.
