Version 1.0 — Issued by CrownThrive, LLC “End‑to‑End User Support, Incident Response, Vulnerability Disclosure, Bug Bounties, and Escalation Operations for the CHLOM Ecosystem.”
Audience: Support leads, incident commanders, security engineers, product owners, validator operators, integrators, and Help Center editors curating the Support, Bugs & Escalation category. Scope: Canonical reference for how support flows, bug intake/triage, vulnerability disclosure/bug bounty, incident handling, and escalations work in CHLOM — plus which 30+ follow‑on docs to read next.
0 · How to Use this Master Doc (Help Center Index)
- Start here for the big picture and concrete runbooks.
- Every major section ends with “What to read next” links into this category.
- Examples are illustrative; authoritative sources are the runtime repository, security/ops playbooks, and governance records.
1 · System Overview
CHLOM Support is a layered program that covers:
- User support (tickets, chat, knowledge base)
- Bug reporting (functional defects)
- Security vulnerability disclosure (coordinated VDP with safe‑harbor)
- Bug bounty (rewarded, in‑scope testing)
- Incident response (SEV handling for outages, regressions, chain events)
- Escalation to TLAAS (DLA) when misconduct or compliance breaches are suspected
- Comms powered by ThrivePush for alerts and status updates
1.1 High‑Level Architecture
+-------------------------+ +--------------------+ +---------------------------+
| Users & Validators |<----->| Support Portal |<----->| Ops & IR Consoles |
| (tickets/chat/status) | | (Help Center) | | (Incident, Security) |
+-------------------------+ +--------------------+ +---------------------------+
| FRAME Runtime (CHLOM) |
+-------------------------+ +--------------------+ | support/incidents pallets |
| Monitors & Oracles |<----->| Oracle Gateway | | dla (read), compliance |
| (health, KPIs, uptime) | | + OCWs | | treasury, scheduler |
+-------------------------+ +--------------------+ +---------------------------+
+-------------------------+ +--------------------+
| Indexers & Analytics |<----->| SubQuery/Subsquid |
| (SLA/KPI dashboards) | | + Sidecar |
+-------------------------+ +--------------------+
1.2 Consensus & Accounts
- Consensus: BABE + GRANDPA (reference chain).
- Staking: NPoS; on‑chain events may trigger SEV workflows.
- Accounts: SS58; sr25519/ed25519; multisig via
What to read next: Doc 01 — Support Architecture & Roles; Doc 02 — Network & Keys Handbook.
2 · Core Protocols (Functional Specs)
2.1 Ticket & Request Protocol (TRP)
Intake channels: portal forms, email/inbox, API. Standard fields: category (question/bug/security/billing/validator), severity, environment, reproduction steps, logs (redacted), consent.
Key actions: ticket.open, ticket.update, ticket.escalate, ticket.close.
2.2 Bug Intake & Triage Protocol (BITP)
Bugs move through: Intake → Deduplicate → Reproduce → Severity → Owner → Fix/Verify → Release → Close.
Severity ties to the SEV matrix and SLA timers.
Key actions: bug.file, bug.linkedIssue, bug.severity, bug.verify.
2.3 Vulnerability Disclosure Protocol (VDP)
Coordinated disclosure with safe‑harbor for good‑faith research. CVSS scoring, remediation timelines, embargo windows, fix‑then‑publish advisories.
Key actions: vuln.report, vuln.score, vuln.remediate, vuln.advisory.
2.4 Incident Response Protocol (IRP)
SEV‑class incidents: detect → declare → contain → mitigate → recover → postmortem. On‑chain incidents may trigger scheduler actions (e.g., parameter caps) and status page updates via ThrivePush.
2.5 Escalation Protocol (EP) to TLAAS (DLA)
When a ticket/bug indicates misconduct, fraud, KPI falsification, or terms breach, the case escalates to DLA.
Action: dla.openCase with evidence bundle; support remains liaison.
What to read next: Doc 03 — Ticket Protocol Spec; Doc 04 — Bug Triage Spec; Doc 05 — VDP Spec; Doc 06 — Incident & Escalation Spec.
3 · Runtime Pallets (FRAME)
| Pallet | Purpose | Key Storage | Key Extrinsics | Events |
pallet_chlom_support | Tickets, categories, SLA clocks | Tickets, SLAs | open, update, escalate, close | TicketOpened, Escalated |
pallet_chlom_incidents | Incident declarations & timelines | Incidents, Actions | declare, update, resolve | IncidentDeclared |
pallet_chlom_status | Status & maintenance notices | Notices | post, resolve | StatusPosted |
pallet_chlom_vdp | VDP/bug‑bounty registry | Reports, Scores | report, score, award, advisory | VulnAwarded, AdvisoryPublished |
pallet_chlom_dla (read/interop) | Enforcement handoff | Cases | openCase | CaseOpened |
pallet_oracle_gateway | Health/uptime feeds | Feeds | attest | Attested |
pallet_scheduler | Timed actions (freezes, banners) | Calls | schedule | Scheduled |
pallet_treasury | Bounties & hackathon grants | Approvals | awardBounty, proposeSpend | BountyAwarded |
pallet_sustainability | Impact routing on awards | Impacts | recordImpact | ImpactRecorded |
What to read next: Doc 07 — Pallet Design Deep Dives (Support Set).
4 · Data Model & Schemas
- Ticket:
- BugReport:
- Incident:
- VulnReport:
- BountyAward:
- Escalation:
What to read next: Doc 08 — Runtime Storage & Schemas (Support).
5 · Protocol Flows (Sequence Specs)
5.1 Ticket → Resolution
Open → classify → assign owner → solve or route → QA/confirm → close; ThrivePush notifies at each state change.
5.2 Bug → Fix → Release
File with minimal repro → triage board → fix branch → CI → canary → release → verify → close with changelog link.
5.3 Vulnerability → Remediation → Advisory
Good‑faith researcher files encrypted report → CVSS score → hotfix/patch → coordinated disclosure window → publish advisory + award.
5.4 Incident (SEV) Lifecycle
Detect (monitor/oracle) → declare SEV → rollback/feature flag → communicate status → recover → postmortem within SLA.
What to read next: Doc 09 — Sequence Diagrams & State Machines (Support).
6 · Governance & DAO Mechanics
DAO governs SLA targets, bounty budget ranges, scope rules, disclosure timings, and award bands. Emergency council can pause bounty intake or raise SEV level routing. All changes logged and time‑locked unless hotfix exception is invoked.
What to read next: Doc 10 — Governance Parameters & Processes (Support).
7 · Token Model (Runtime View)
- CHM: governance over SLAs, bounty budgets, and disclosure rules.
- CHLOM: fees for priority support, bounty payouts, hackathon grants; 1%→5% of eligible fees routed to sustainability.
What to read next: Doc 11 — Token Implementation & Fee Model (Support).
8 · Oracles & Off‑Chain Workers
Health checks, uptime, block finality delay, error‑rate spikes. OCWs batch alerts, dedupe noise, and sign attestations. ThrivePush delivers incident/status notifications.
What to read next: Doc 12 — Oracle Gateway & OCW Patterns (Support).
9 · Indexing & Analytics
Dashboards for ticket volume, backlog age, SLA attainment, mean time to acknowledge (MTTA), mean time to resolve (MTTR), bug reopen rate, incident frequency, bounty spend, disclosure cadence.
What to read next: Doc 13 — Indexing Blueprints; Doc 14 — Observability & Telemetry.
10 · Security, Privacy, and Compliance
- Safe‑Harbor for good‑faith research under VDP; no legal action if rules followed.
- PII Handling: redact logs; minimize data; store proofs as hashes/CIDs; optional ZK proofs for sensitive reproductions.
- Embargo Windows: default 90 days, 14 days for critical actively‑exploited issues after fix.
- Export Controls: region gates for tooling if required.
What to read next: Doc 15 — Security Standards & Threat Model; Doc 16 — Privacy/ZK Patterns.
11 · Sustainability & Impact Hooks
A portion of eligible priority support fees and bounty payouts routes 1% (scaling to 5%) through Stripe Climate; rotating EcoDrive campaigns (clean water, food, kelp, plastic removal, trees, jobs). Public dashboards show cumulative impact per quarter.
What to read next: Doc 17 — Sustainability Module & API.
12 · Developer Environment & Tooling
12.1 Prereqs
Runbooks repo, incident templates, encryption keys for VDP submissions, CI/CD with canary support, status page access, ThrivePush keys.
12.2 Build & Run (Reference Tools)
- Deploy status service and incident bot.
- Configure monitors and OCWs for health feeds.
- Wire Support Portal → ticket API → on‑call rotations.
12.3 Testing
Game‑day exercises, red‑team drills, tabletop incident simulations, mock VDP submissions, chaos testing for monitors.
What to read next: Doc 18 — Local Ops & Testing Guide.
13 · Deployment Topologies
- Dev/Test: sandbox status page, fake incidents, mock tickets.
- Staging: shadow production; on‑call drills.
- Production: validated monitors, on‑call 24/7 rotations, quarterly disaster‑recovery tests.
What to read next: Doc 19 — Ops Environments & Change Control; Doc 20 — Upgrade Playbook.
14 · SDKs & API Surfaces
Ticket/incident APIs for integrators; webhook events for status changes; signed VDP submission endpoint.
Example:
await api.tx.chlomSupport.open({ category: 'bug', severity: 'S2', env: 'mainnet', repro: 'steps...', logsCid })
.signAndSend(account)
What to read next: Doc 21 — TS SDK Reference; Doc 22 — Custom Webhooks & RPCs.
15 · Severity Matrix & SLAs
| Severity | Example | Initial Response | Mitigation ETA | Resolution Target | Communications |
| SEV‑1 (Critical) | Chain halts, widespread outage, data loss risk | 15 min | 1 hr | 24 hrs | Status page + hourly ThrivePush |
| SEV‑2 (High) | Major degradation, validator instability | 1 hr | 4 hrs | 72 hrs | Status page + 4‑hr updates |
| SEV‑3 (Medium) | Feature broken for subset, workaround available | 8 hrs | 2 days | 10 days | Ticket updates |
| SEV‑4 (Low) | Minor bug, cosmetic | 2 biz days | As planned | Next release | Ticket updates |
What to read next: Doc 23 — SLA Catalogue & Playbooks.
16 · Escalation Matrix
Primary owner → Product/Eng → Incident Commander → Security Lead → Governance Council (emergency) → TLAAS (DLA) for misconduct. Time‑based auto‑escalation: SEV‑1 → IC @ T+15m, Council @ T+60m if unresolved.
What to read next: Doc 24 — Escalation Playbook & Contact Roster.
17 · Hackathons Program (Builders)
Quarterly hackathons with starter kits, mock datasets, and CHLOM testnets. Tracks: Compliance, Licensing, LEX/TLaaS, TLAAS (DLA), Sustainability. Prizes paid in CHLOM (with vesting for top awards). IP defaults: team‑owned; optional contributor license back to CrownThrive for showcase.
What to read next: Doc 25 — Hackathon Playbook & Rules.
18 · Bug Bounty Program (VDP+)
Always‑on bounties with clear in‑scope targets (reference chain, SDKs, pallets) and out‑of‑scope items (social engineering, third‑party platforms). Reward bands by CVSS:
- Critical: up to $X in CHLOM + Hall of Fame
- High: up to $Y in CHLOM
- Medium/Low: tiered awards or swag/recognition Payments route via
What to read next: Doc 26 — Bug Bounty Scope & Rewards; Doc 27 — Researcher Safe‑Harbor Policy.
19 · Cross‑Module Interactions
- TLAAS (DLA): misconduct → case handoff; holds/fines may apply.
- TLaaS (LEX): market incidents inform surveillance; wash‑trade allegations escalate via webhook.
- Dual Tokenomics: bounty budgets and priority support pricing governed by CHM votes.
What to read next: Doc 28 — Interop Guides (DLA, LEX, Tokenomics).
20 · Compliance Packs (Support)
Regional policies for consumer protection, disclosure, retention, and export of support data; localization for deadlines and notice templates.
What to read next: Doc 29 — Regional Compliance Packs (Support).
21 · Operational Runbooks (On‑call & IR)
On‑call rotations, paging policies, incident commander checklists, comms templates, stakeholder briefings, and regulator packages.
What to read next: Doc 30 — On‑call Runbook; Doc 31 — Incident Commander Manual.
22 · Contribution, Versioning, and SLA
Change control for runbooks; versioned SLAs; retro cadence; postmortem quality bar; docs must update within 72 hrs of policy change.
What to read next: Doc 32 — Contributing & Release Process (Ops).
23 · Full Documentation Roadmap (30+ Items)
- Support Architecture & Roles
- Network & Keys Handbook
- Ticket Protocol Spec
- Bug Triage Spec
- VDP Spec
- Incident & Escalation Spec
- Pallet Design Deep Dives (Support Set)
- Runtime Storage & Schemas (Support)
- Sequence Diagrams & State Machines (Support)
- Governance Parameters & Processes (Support)
- Token Implementation & Fee Model (Support)
- Oracle Gateway & OCW Patterns (Support)
- Indexing Blueprints
- Observability & Telemetry
- Security Standards & Threat Model
- Privacy & ZK Patterns
- Sustainability Module & API
- Local Ops & Testing Guide
- Ops Environments & Change Control
- Upgrade Playbook
- TS SDK Reference
- Custom Webhooks & RPCs
- SLA Catalogue & Playbooks
- Escalation Playbook & Contact Roster
- Hackathon Playbook & Rules
- Bug Bounty Scope & Rewards
- Researcher Safe‑Harbor Policy
- Interop Guides (DLA, LEX, Tokenomics)
- Regional Compliance Packs (Support)
- On‑call Runbook
- Incident Commander Manual
- Disaster Recovery & Backups (Ops)
- Performance & Benchmarking (Ops)
24 · Final Notes for Help Center Editors
- Keep this master aligned with runtime/security changes.
- Each policy or runbook change must link back here and register a child doc.
- Validate examples against the latest CI snapshot and SLAs before publishing.
Appendix A — Example Types (Rust)
pub struct Ticket { pub id: u64, pub requester: AccountId32, pub category: u8, pub severity: u8, pub env: Vec<u8>, pub repro: Vec<u8>, pub logs_cid: Vec<u8>, pub state: u8, pub sla_deadline: u64 }
pub struct Incident { pub id: u64, pub sev: u8, pub commander: AccountId32, pub started_at: u64, pub mitigations: BoundedVec<Vec<u8>, ConstU32<32>>, pub status: u8, pub resolved_at: Option<u64> }
pub struct VulnReport { pub id: u64, pub researcher: AccountId32, pub scope_ref: Vec<u8>, pub cvss: u16, pub evidences: BoundedVec<Vec<u8>, ConstU32<32>>, pub embargo_until: u64 }
Appendix B — Example TS SDK Calls
// Open a bug ticket
await api.tx.chlomSupport.open({ category: 'bug', severity: 'S2', env: 'mainnet', repro: '...', logsCid })
.signAndSend(account)
// Award a bounty for a confirmed vuln
await api.tx.treasury.awardBounty(bountyId, researcher)
.signAndSend(account)
Disclaimer: Operational and security documentation; not legal advice. Always comply with applicable laws, responsible disclosure norms, and CHLOM Governance decisions.