-
Notifications
You must be signed in to change notification settings - Fork 169
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(content): add implementations audits as a dedicated section in the spec #1214
Merged
Merged
Changes from 1 commit
Commits
Show all changes
7 commits
Select commit
Hold shift + click to select a range
d71966a
adding audits as a dedicated section in the spec
dkkapur b3b926b
feat(tooling): section menu, links, blockquotes and content boxes (#1…
hugomrdias bd47110
fix(content): remove .org files (#1212)
yiannisbot 67b982d
moving date up to title of report and fixing links
dkkapur c975d57
removing security from title and updating scope to include theory
dkkapur 6f3d56f
Merge branch 'security-audits'
dkkapur 6f5b2df
fixing URLs
dkkapur File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| --- | ||
| title: Security Audit Reports | ||
| weight: 4 | ||
| dashboardState: wip | ||
| dashboardAudit: n/a | ||
| --- | ||
|
|
||
| # Security Audit Reports | ||
|
|
||
| Security is a critical component in ensuring Filecoin can fulfill its mission to be the storage network for humanity. In addition to robust secure development processes, trainings, theory audits, and investing in external security research, the Filecoin project has engaged reputable third party auditing specialists to ensuring that the implementation of the protocol matches the spec / intent, and succesully delivers a secure network. This section covers a selection of audit reports that have been published on Filecoin's implementation. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| --- | ||
| title: rust-fil-proofs | ||
| weight: 1 | ||
| dashboardState: wip | ||
| dashboardAudit: n/a | ||
| --- | ||
|
|
||
| # rust-fil-proofs | ||
|
|
||
| ## Filecoin Proving Subsystem | ||
|
|
||
| Audit report: [Security Assessment - Filecoin Proving Subsystem](https://github.com/filecoin-project/rust-fil-proofs/blob/master/audits/Sigma-Prime-Protocol-Labs-Filecoin-Proofs-Security-Review-v2.1.pdf) | ||
|
|
||
| Date published: 28 July, 2020 | ||
|
|
||
| This audit covers the full Proving Subsystem, including [rust-fil-proofs](https://github.com/filecoin-project/rust-fil-proofs) and [filecoin-ffi](https://github.com/filecoin-project/filecoin-ffi), through which Proof of Space-Time (PoSt), Proof of Retrievability (PoR), and Proof of Replication (PoRep) are implemented. The audit process included using fuzzing to identify potential vulnerabilities in the subsystem, each of which was resolved (the details of all issues raised and their resolutions are available in the report). | ||
|
|
||
| ## zk-SNARK proofs | ||
|
|
||
| Audit report: [zk-SNARK Proofs Audit](https://github.com/filecoin-project/rust-fil-proofs/blob/master/audits/protocolai-audit-20200728.pdf) | ||
|
|
||
| Date published: 28 July, 2020 | ||
|
|
||
| This audit covers the core logic and implementation of the zk-SNARK tree-based proofs-of-replication (including the [fork of bellman](https://github.com/filecoin-project/bellman)), as well as the SNARK circuits creation. All issues raised by the audit were resolved. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you paste a screenshot of what the dashboard looks like?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
you have the preview below