defirisk.co
rubric v1.7.0

Disclosure SLA public

Kinetiq's assessment for RD-F-176 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Policy.txt states Kinetiq 'will investigate legitimate reports and make every effort to quickly resolve any vulnerability' — best-effort language with no specific acknowledgment-time SLA. Cantina bounty page states reports should be submitted 'as soon as possible — ideally within 24 hours of discovery' (researcher-side guidance, not an issuer acknowledgment SLA). No formal 'we acknowledge within X hours' commitment published. Yellow = SLA stated as best-effort but no specific timeframe.

Sources #

  • URL
    Kinetiq kinetiq-contracts bounty — CantinaCantina bounty: 'Reports should be submitted as soon as possible — ideally within 24 hours of discovery' (researcher-side, not issuer SLA)retrieved 2026-05-17
  • URL
    Kinetiq Responsible Disclosure Policypolicy.txt: 'will investigate legitimate reports and make every effort to quickly resolve any vulnerability' — no specific acknowledgment SLAretrieved 2026-05-17

Methodology #

Determine whether the protocol publishes an acknowledgment-time SLA for disclosed vulnerabilities (e.g., 72h ack).

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol kinetiq factor RD-F-176 score yellow collected_at 2026-05-17 15:29:57