Support

Olocus is built in the open. The full source — Rust workspace, Cloudflare Workers relay, Playwright canonical-journey tests, this site — lives at github.com/svailsa/olocus. That's the canonical place for bug reports, feature requests, and security disclosures during the pre-release window.

File a bug

Open an issue at github.com/svailsa/olocus/issues. Useful detail: the browser + OS, the page you were on, what you expected, what happened. Screenshots are welcome; do not paste tokens, proof bytes, or anything from a real disclosure into a public issue.

Security disclosure

Cryptographic or relay-side vulnerabilities go to the security policy in the repository. The preferred channel is a GitHub security advisory — advisories are private to the maintainers until coordinated disclosure ships the fix. The policy spells out scope, the out-of-scope categories, and the threat-model bounds the project deliberately does not promise to defend against.

What's not supported in v1

• Account recovery — v1 has no recovery layer. Seed recovery + encrypted backup ship in v1.1+.
• Recovering bytes a verifier already fetched — see Transparency → Revocation semantics.
• Restoring a record after a clean device wipe — the v1 record lives on the device. Without backup (v1.1+) it does not survive a reset.

Privacy questions

See Privacy and Transparency first — both list what the relay holds, what it does not, and where the data lives. Specific privacy or data-rights questions also go through the GitHub channels above until a dedicated contact address is set up ahead of GA.

Pre-release status. Olocus is in active development. The v1 minimal relay is shippable but not production-deployed. The PWA bundles at app.olocus.com and verify.olocus.com are end-to-end functional locally; production deploy lands in a separate slice ahead of GA. Treat this surface as a preview, not a service-level commitment.