Skip to content
HeartBadge docs

Audit Program

Third-party security reviews: what's been audited, by whom, and how to access the reports.

The covenant code, the protocol implementation, and the hosted API surface are subject to periodic third-party security review. Audit reports are published with minimal redactions.

This page is being written.

The structure is fixed. The prose is being drafted from the source material and reviewed by HeartChain Labs before publication. If you need this information urgently, email docs@heartbadge.com .

What this page will cover

  • Audit cadence and scope
  • Current and past auditors
  • How to access public reports
  • Handling findings: fix-then-publish policy
  • Ongoing security monitoring between audits