Terms of Service

1. Acceptance of Terms

By accessing this website or engaging Noema Labs ("we", "us", "our") for security services, you agree to be bound by these Terms of Service. If you are entering into these terms on behalf of a protocol, organization, or DAO, you represent that you have the authority to bind such entity to these conditions.

2. Services & Project Scope

Noema Labs provides expert-level smart contract auditing and protocol security research. These services are time-boxed and diagnostic in nature. Strict Scope: Our review only pertains to the specific files and commit hashes explicitly listed in the Engagement Letter or Scope of Work.

3. Deliverables & Reports

Audit reports represent our best-effort professional opinion based on industry standards at the time of the audit. Reports are intended for informational transparency; they do NOT constitute a security certification or a recommendation to invest in or use the protocol.

4. Client Responsibilities

Clients are responsible for providing complete and accurate source code, documentation, deployment details, dependencies, relevant commit hashes, test instructions, and timely access to repositories or environments required for the engagement. Material omissions, delayed access, or code changes during the review may require a revised scope, timeline, or fee.

5. Authorization to Review

By submitting a project for review, the Client represents that it has the legal right to authorize Noema Labs to analyze the provided code, documentation, repositories, and test environments. Noema Labs will only test systems, repositories, contracts, and infrastructure that are expressly included in the agreed scope.

6. Confidentiality & Disclosure

Non-public source code, credentials, private communications, draft reports, and vulnerability details will be treated as confidential unless disclosure is authorized in writing or required by law. Public reports, logos, testimonials, case studies, and coordinated vulnerability disclosures require the parties to agree on timing and content in writing.

7. AI-Assisted Tooling

Noema Labs may use internal tooling, static analyzers, fuzzers, and AI-assisted workflows to support review coverage, path exploration, and vulnerability triage. AI-assisted output is reviewed by human researchers before inclusion in any deliverable. Client confidential materials will not be intentionally used to train public AI models without written approval.

8. Prohibited Use

You may not use our website, intake channels, reports, or services to facilitate illegal activity, unauthorized access, exploit development against third-party systems, sanctions evasion, money laundering, theft, or concealment of stolen assets. We may decline, suspend, or terminate any engagement that we reasonably believe violates this section.

9. Disclaimer of Warranties

SERVICES ARE PROVIDED ON AN "AS IS" AND "AS AVAILABLE" BASIS. TO THE MAXIMUM EXTENT PERMITTED BY LAW, NOEMA LABS DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.

To the maximum extent permitted by law, Noema Labs shall not be liable for any loss, damage, or harm resulting from vulnerabilities, bugs, or exploits not detected during the audit process, provided services were performed in good faith. An audit is a time-boxed professional opinion and not a guarantee of future protocol stability.

10. Fees & Payments

A deposit of 50% of the total engagement fee is required to initialize the project and secure the research timeline, except where otherwise required by law or agreed in writing. The remaining 50% is due within five (5) business days of the delivery of the initial audit report.

All payments are denominated in USD or stablecoins as specified in the Engagement Letter. Client is responsible for applicable taxes, transaction fees, exchange-rate risk, and failed or misdirected transfers unless otherwise agreed in writing. Noema Labs reserves the right to pause or suspend auditing services if payments are delayed beyond 7 days of the invoice date.

11. Mitigation Review Window

Mitigation review is included only when the Client submits fixes within three (3) calendar days of receiving the initial findings report. If fixes are submitted after this window, or if additional review cycles are requested, Noema Labs may require an additional fee and revised timeline before performing further mitigation review.

12. Referral Rewards

Referral rewards are discretionary and subject to confirmed attribution, mutual written confirmation, and successful completion of a paid audit or security review. No referral reward is earned or payable for unpaid, cancelled, incomplete, disputed, or unsuccessful engagements. Reward amounts, timing, payment method, and eligibility are discussed directly with the referrer and may vary by engagement.

13. Termination

Either party may terminate an engagement for convenience with 15 days' written notice. In the event of early termination, the Client will pay Noema Labs for all services performed up to the effective date of termination. Confidentiality, Intellectual Property, and Limitation of Liability clauses shall survive any termination.

14. Limitation of Liability

In no event shall Noema Labs be liable for any indirect, incidental, special, or consequential damages (including loss of funds, protocol assets, profits, or data) arising out of or in connection with the services provided.

15. Entire Agreement

These Terms, together with any signed Engagement Letter or Master Service Agreement, constitute the entire agreement between the parties and supersede all prior oral or written representations, communications, or understandings.

16. Dispute Resolution

In the event of a dispute, the parties agree to first attempt to resolve the matter through good faith negotiation. If the dispute is not resolved within 30 days, it shall be referred to and finally resolved by arbitration seated in New Delhi, India, conducted in English by one arbitrator, unless the applicable Engagement Letter specifies a different seat or procedure.

17. Governing Law

These terms shall be governed by and construed in accordance with the laws of India. Any legal proceedings not subject to Section 14 shall be brought exclusively in the competent courts of New Delhi, India, unless the applicable Engagement Letter specifies a different venue.