feat(content): add implementations audits as a dedicated section in t…

…he spec (#1214)



Co-authored-by: Hugo Dias <hugomrdias@gmail.com>
Co-authored-by: Yiannis Psaras <52073247+yiannisbot@users.noreply.github.com>

content/appendix/audit_reports/_index.md

@@ -0,0 +1,10 @@
+---
+title: Audit Reports
+weight: 4
+dashboardState: wip
+dashboardAudit: n/a
+---
+
+# Audit Reports
+
+Security is a critical component in ensuring Filecoin can fulfill its mission to be the storage network for humanity. In addition to robust secure development processes, trainings, theory audits, and investing in external security research, the Filecoin project has engaged reputable third party auditing specialists to ensure that the theory behind the protocol and its implementation delivers the intended value, enabling Filecoin to be a safe and secure network. This section covers a selection of audit reports that have been published on Filecoin's theory and implementation.

content/appendix/audit_reports/rust-fil-proofs.md

@@ -0,0 +1,20 @@
+---
+title: rust-fil-proofs
+weight: 1
+dashboardState: wip
+dashboardAudit: n/a
+---
+
+# rust-fil-proofs
+
+## 2020-07-28: Filecoin Proving Subsystem
+
+Audit report: [Security Assessment - Filecoin Proving Subsystem](https://github.com/filecoin-project/rust-fil-proofs/blob/master/audits/Sigma-Prime-Protocol-Labs-Filecoin-Proofs-Security-Review-v2.1.pdf)
+
+This audit covers the full Proving Subsystem, including [rust-fil-proofs](https://github.com/filecoin-project/rust-fil-proofs) and [filecoin-ffi](https://github.com/filecoin-project/filecoin-ffi), through which Proof of Space-Time (PoSt), Proof of Retrievability (PoR), and Proof of Replication (PoRep) are implemented. The audit process included using fuzzing to identify potential vulnerabilities in the subsystem, each of which was resolved (the details of all issues raised and their resolutions are available in the report).
+
+## 2020-07-28: zk-SNARK proofs
+
+Audit report: [zk-SNARK Proofs Audit](https://github.com/filecoin-project/rust-fil-proofs/blob/master/audits/protocolai-audit-20200728.pdf)
+
+This audit covers the core logic and implementation of the zk-SNARK tree-based proofs-of-replication (including the [fork of bellman](https://github.com/filecoin-project/bellman)), as well as the SNARK circuits creation. All issues raised by the audit were resolved.

content/implementations/lotus.md

@@ -19,9 +19,9 @@ implRepos:
     auditState: done
     audits:
     - auditDate: '2020-07-28'
-      auditURL: https://github.com/filecoin-project/rust-fil-proofs/blob/master/audits/protocolai-audit-20200728.pdf
+      auditURL: /#section-appendix.audit_reports.rust-fil-proofs.2020-07-28-filecoin-proving-subsystem
     - auditDate: '2020-07-28'
-      auditURL: https://github.com/filecoin-project/rust-fil-proofs/blob/4a07a868d077f5926b23c3f913f99d8b46b8cebc/audits/Sigma-Prime-Protocol-Labs-Filecoin-Proofs-Security-Review-v2.1.pdf
+      auditURL: /#section-appendix.audit_reports.rust-fil-proofs.2020-07-28-zk-snark-proofs
 ---
 
 # Lotus

content/libraries/libp2p/_index.md

@@ -5,9 +5,7 @@ bookCollapseSection: true
 dashboardWeight: 1
 dashboardState: stable
 dashboardTests: 0
-dashboardAudit: done
-dashboardAuditDate: '2019-10-10'
-dashboardAuditURL: https://github.com/protocol/libp2p-vulnerabilities/blob/master/DRAFT_NCC_Group_ProtocolLabs_1903ProtocolLabsLibp2p_Report_2019-10-10_v1.1.pdf 
+dashboardAudit: wip
 ---
 
 # Libp2p