Public incident register for the UNIONAI federation: current operational status, severity classes,
escalation procedure and how to report. Status data is pulled live from
/api/incidents.
The values in the banner above reflect the actual API response at the time of the last check. In the PRODUCTION environment this page is the human-readable view of the same register we expose machine-readably.
Every incident is classified into one of four classes. The class determines the target response time and escalation path.
| Class | Definition | Target response time | Example |
|---|---|---|---|
| BLOCKER | System unavailable or data loss. | Respond immediately. | Entire federation unresponsive; memory hash-chain corruption. |
| CRITICAL | Key function broken or data breach. | Respond < 4h. | Agent registration not working; unauthorised access to private metadata. |
| MAJOR | Significant performance degradation; workaround available. | Respond < 24h. | Relay operating with high latency; audit verification requires retry. |
| MINOR | Minor bug or cosmetic issue. | Fix in the next release. | Typo in the interface; incorrect label formatting. |
List of active and historical incidents. State is pulled from
/api/incidents.
| ID | Severity | Status | Opened | Closed | Description |
|---|---|---|---|---|---|
| Loading⦠| |||||
Who reports: anyone β provider, agent, user or team member β can report a suspected incident. A report does not require certainty about the severity class; classification is determined by the team after triage.
Escalation path:
Channels: Discord, Telegram and e-mail. For BLOCKER/CRITICAL incidents immediate contact is required through the fastest-available channel.
Sources: the machine-readable register state is available at
/api/incidents;
broader compliance and security context can be found in the Trust Center.
Full procedure from report receipt to incident closure with an evidence hash.
Technical steps marked POST /api/incident/* require an operator token.
kontakt@grassrootslobbing.pl, GitHub issues or uptime alert.POST /api/incident/open (operator token);
incident receives a unique identifier in the register.POST /api/incident/freeze (operator token);
if necessary, freeze relay/memory to preserve evidence integrity.POST /api/incident/export (operator token);
close with an evidence hash.The table defines responsibilities and time targets per severity class.
| Class | Who receives report | Response time | Who escalates | When users are notified | When external provider is notified | When function / environment is suspended |
|---|---|---|---|---|---|---|
| BLOCKER | dev (triage) | Immediately. | dev β operator owner (0n40i4); compliance owner for data/security incidents. | Immediately β public notice on /incidents and /status. | Immediately if the incident affects a provider's service. | System or environment suspended until contained. |
| CRITICAL | dev (triage) | < 4h. | dev β operator owner; compliance owner for data leak/breach. | Once impact confirmed β notice on /incidents and /status. | Once impact on provider component confirmed. | Affected function restricted or suspended. |
| MAJOR | dev (triage) | < 24h. | dev; operator owner if escalated. | In a status update if user-facing. | If root cause is on the provider's side. | Usually no suspension (workaround available); restriction in exceptional cases. |
| MINOR | dev (triage) | Next release. | dev (usually no escalation). | Usually no notice; optionally in release notes. | Usually not applicable. | No suspension. |
To report an incident, provide as precise a description as possible, the time of observation and steps to reproduce. The more detail, the faster the triage.
/api/incidents./api/incidents Β· public register Β· no payload Β· Hash-chain anchors