CONTRIBUTING: add some coding and style conventions

jonasnick · Dec 1, 2023 · 02a091b · 02a091b
1 parent 523c5a6
commit 02a091b
Showing 1 changed file with 32 additions and 2 deletions.
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -26,6 +26,7 @@ These are not the only factors taken into account when considering to add new fu
 The proposed new libsecp256k1 code must be of high quality, including API documentation and tests, as well as featuring a misuse-resistant API design.
 
 We recommend reaching out to other contributors (see [Communication Channels](#communication-channels)) and get feedback before implementing new functionality.
+
 ## Communication Channels
 
 Most communication about libsecp256k1 occurs on the GitHub repository: in issues, pull request or on the discussion board.
@@ -37,9 +38,28 @@ Chat history logs can be found at https://gnusha.org/secp256k1/.
 
 ## Contributor Workflow & Peer Review
 
-The Contributor Workflow & Peer Review in libsecp256k1 are similar to Bitcoin Core's workflow and review processes described in Core's [CONTRIBUTING.md](https://github.com/bitcoin/bitcoin/blob/master/CONTRIBUTING.md).
+The Contributor Workflow & Peer Review in libsecp256k1 are similar to Bitcoin Core's workflow and review processes described in its [CONTRIBUTING.md](https://github.com/bitcoin/bitcoin/blob/master/CONTRIBUTING.md).
+
+### Coding Conventions
+
+In addition, libsecp256k1 tries to maintain the following coding conventions:
+
+- No runtime heap allocation (e.g., no `malloc`).
+- The tests should cover all lines and branches of the library (see [Test coverage](#coverage)).
+- Operations involving secret data should be tested for being constant time with respect to the secrets (see [src/ctime_tests.c](src/ctime_tests.c)).
+- Local variables containing secret data should be cleared explicitly to try to delete secrets from memory.
+- Use `secp256k1_memcmp_var` instead of `memcmp` (see [#823](https://github.com/bitcoin-core/secp256k1/issues/823)).
+- Arguments of the publicly-facing API must have a specific order defined in [include/secp256k1.h](include/secp256k1.h).
+
+#### Style Conventions
+
+- Commits should be atomic and diffs should be easy to read. For this reason, do not mix any formatting fixes or code moves with actual code changes. Make sure each individual commit is hygienic: that it builds successfully on its own without warnings, errors, regressions, or test failures.
+- Use `void *ptr` instead of `void* ptr`.
+- Avoid trailing whitespaces.
 
-### Test coverage
+### Tests
+
+#### Coverage
 
 This library aims to have full coverage of the reachable lines and branches.
 
@@ -59,3 +79,13 @@ To create a HTML report with coloured and annotated source code:
 
     $ mkdir -p coverage
     $ gcovr --exclude 'src/bench*' --html --html-details -o coverage/coverage.html
+
+#### Exhaustive Tests
+
+There are tests of several functions in which a small group replaces secp256k1.
+These tests are *exhaustive* since they provide all elements and scalars of the small group as input arguments (see [src/tests_exhaustive.c]).
+
+
+### Benchmarks
+
+See `src/bench*.c` for examples of benchmarks.