-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
add contribution, security and conduct guidelines
Signed-off-by: Pranay Valson <pranay.valson@gmail.com>
- Loading branch information
Showing
7 changed files
with
159 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,50 @@ | ||
| # Code of Conduct | ||
|
|
||
| We, the contributors and maintainers of the Covalent EWM light-client project, are committed to fostering an open, welcoming, and inclusive community. We value the participation of every individual and want to ensure a positive experience for everyone involved. | ||
|
|
||
| ## Our Pledge | ||
|
|
||
| In the interest of promoting a positive and collaborative environment, we pledge to: | ||
|
|
||
| - Be respectful and considerate towards others, regardless of their background, experience level, or identity. | ||
| - Use welcoming and inclusive language, avoiding any form of harassment, discrimination, or offensive behavior. | ||
| - Be open to constructive feedback and ideas, and approach discussions with empathy and understanding. | ||
| - Focus on what is best for the project and the community as a whole. | ||
|
|
||
| ## Expected Behavior | ||
|
|
||
| We expect all participants to adhere to the following guidelines: | ||
|
|
||
| - Be respectful and professional in all interactions and communications. | ||
| - Exercise empathy and kindness towards others. | ||
| - Be open to collaboration and willing to help others. | ||
| - Gracefully accept constructive criticism and feedback. | ||
| - Respect the opinions and experiences of others, even if they differ from your own. | ||
| - Refrain from engaging in any form of harassment, discrimination, or offensive behavior. | ||
|
|
||
| ## Unacceptable Behavior | ||
|
|
||
| The following behaviors are considered unacceptable within our community: | ||
|
|
||
| - Harassment, discrimination, or any form of offensive or derogatory language or behavior. | ||
| - Personal attacks, insults, or derogatory comments. | ||
| - Intimidation, threats, or any form of bullying. | ||
| - Unwelcome sexual attention or advances. | ||
| - Publishing or threatening to publish others' private information without explicit permission. | ||
| - Any other conduct that is deemed inappropriate, offensive, or harmful to the community. | ||
|
|
||
| ## Reporting and Enforcement | ||
|
|
||
| If you witness or experience any behavior that violates this Code of Conduct, please report it immediately by contacting the project maintainers at <krishnateja@covalenthq.com>. All reports will be reviewed and investigated promptly and confidentially. | ||
|
|
||
| Project maintainers have the right and responsibility to remove, edit, or reject any contributions, comments, commits, code, wiki edits, issues, and other interactions that are not aligned with this Code of Conduct. In severe cases, they may also ban temporarily or permanently any contributor for behaviors deemed inappropriate, threatening, offensive, or harmful. | ||
|
|
||
| ## Attribution | ||
|
|
||
| This Code of Conduct is adapted from the [Contributor Covenant](https://www.contributor-covenant.org), version 2.0, available at [https://www.contributor-covenant.org/version/2/0/code_of_conduct.html](https://www.contributor-covenant.org/version/2/0/code_of_conduct.html). | ||
|
|
||
| ## Scope | ||
|
|
||
| This Code of Conduct applies to all spaces related to the Covalent EWM light-client project, including but not limited to the repository, issue tracker, pull requests, discussions, and any other communication channels used by the project. | ||
|
|
||
| By participating in this project, you agree to abide by this Code of Conduct. We appreciate your cooperation in helping us create a positive and welcoming community for everyone. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,46 @@ | ||
| # Contributing Guidelines | ||
|
|
||
| Thank you for your interest in contributing to the [Covalent EWM light-client](https://www.covalenthq.com/products/light-client/) project (and its associated smart contracts on base)! We welcome contributions from the community to help improve the security, functionality, and usability of our contracts. | ||
|
|
||
| ## Getting Started | ||
|
|
||
| 1. Fork the repository and clone your fork locally. | ||
| 2. Install the necessary dependencies by running `npm install` or `yarn install`. | ||
| 3. Familiarize yourself with the project structure and the existing smart contracts using the [readme](README.md). | ||
|
|
||
| ## Development Process | ||
|
|
||
| 1. Create a new branch for your feature or bug fix: `git checkout -b feature/your-feature-name` or `git checkout -b fix/your-bug-fix`. | ||
| 2. Write clean, readable, and well-documented code following the project's coding conventions. | ||
| 3. Test your changes thoroughly to ensure they work as expected and do not introduce any new issues. | ||
| 4. Use `npm run coverage` to test changes for backward compatibility. Look in the `./test` directory for all unit and integrations tests. | ||
| 5. Add tests for the new feature. | ||
| 6. Commit your changes with a descriptive commit message: `git commit -m "Add feature X" or "Fix bug Y"`. | ||
| 7. Push your changes to your forked repository: `git push origin feature/your-feature-name`. | ||
| 8. Open a pull request against the main repository's `develop` branch, providing a clear description of your changes and any relevant information. | ||
|
|
||
| ## Pull Request Guidelines | ||
|
|
||
| - Ensure that your code adheres to the project's coding style and conventions. | ||
| - Write clear, concise, and meaningful commit messages. | ||
| - Include tests for your changes to maintain code coverage. | ||
| - Document any new features, changes, or updates in the code and README file. | ||
| - Be responsive to feedback and be willing to make changes to your pull request if requested. | ||
|
|
||
| ## Security | ||
|
|
||
| Please see our [SECURITY.md](SECURITY.md) document for information about reporting security vulnerabilities, our bug bounty program, and our responsible disclosure policy. | ||
|
|
||
| ## Code of Conduct | ||
|
|
||
| We expect all contributors to follow our [Code-of-Conduct](CODE_OF_CONDUCT.md) to ensure a welcoming and inclusive environment for everyone. | ||
|
|
||
| ## License | ||
|
|
||
| By contributing to this project, you agree that your contributions will be licensed under the [Apache 2.0] License. | ||
|
|
||
| ## Contact | ||
|
|
||
| If you have any questions, suggestions, or feedback, feel free to reach out to us at telegram [t.me/noslav](https://t.me/noslav), [discord](https://discordapp.com/users/krish_96038) or email <krishnateja@covalenthq.com> or [twitter/X](https://x.com/Covalent_HQ). | ||
|
|
||
| Thank you for your contributions and support! |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,59 @@ | ||
| # Security Policy | ||
|
|
||
| The security of our users and the integrity of the Covalent EWM light-client project are of utmost importance to us. We appreciate the efforts of security researchers, white hat hackers and the community in helping us identify and responsibly disclose any vulnerabilities or security issues. | ||
|
|
||
| ## Reporting Security Issues | ||
|
|
||
| If you discover a security vulnerability or issue within the Covalent EWM light-client project or its associated smart contracts, please report it to us responsibly by following these steps: | ||
|
|
||
| 1. Send an email to our security team at <pranay@covalenthq.com>, <krishnateja@covalenthq.com> & <rodrigo@covalenthq.com> with a line on telegram [t.me/noslav](https://t.me/noslav) for quick communication with the following details: | ||
|
|
||
| - A clear and concise description of the vulnerability or issue. | ||
| - Steps to reproduce the vulnerability or issue. | ||
| - Any relevant technical details, such as affected versions or components. | ||
| - Your contact information for further communication. | ||
|
|
||
| 2. Do not disclose the vulnerability or issue publicly until we have had sufficient time to investigate and address it. | ||
|
|
||
| 3. We will acknowledge receipt of your report within 36 hours and provide an estimated timeline for addressing the issue. | ||
|
|
||
| 4. We will keep you informed about the progress of fixing the vulnerability and may ask for additional information or clarification if needed. | ||
|
|
||
| 5. Once the vulnerability is fixed, we will publicly acknowledge your responsible disclosure via x/twitter or discord, unless you prefer to remain anonymous. | ||
|
|
||
| ## Bug Bounty Program | ||
|
|
||
| To encourage and reward the responsible disclosure of security vulnerabilities, we offer a bug bounty program. Depending on the severity and impact of the reported vulnerability, we provide bounties in the form of our primary staking ERC-20 token, [CXT](https://coinmarketcap.com/currencies/covalent-x/), from the CXT community reserve. See [tokenomics](https://www.covalenthq.com/docs/cxt/tokenomics) for more details. | ||
|
|
||
| The bounty amounts are determined based on the severity of the vulnerability and its potential impact on the project and its users. Please refer to our previous bounties for the [refiner testnet programme](https://www.covalenthq.com/blog/the-refiner-incentivized-testnet/) to get an idea of the reward structure. | ||
|
|
||
| ## Scope | ||
|
|
||
| The following components and areas are within the scope of our security policy and bug bounty program: | ||
|
|
||
| - The Covalent EWM light-client repository and its associated smart contracts within ./`contracts`, tests within ./`test` and scripts within ./`scripts`. | ||
| - The core functionality and security of the light-client NFT contracts and its interactions on the Base EVM blockchain. | ||
| - Any vulnerabilities that could lead to the compromise of user funds or sensitive information. | ||
|
|
||
| ## Out of Scope | ||
|
|
||
| The following areas are considered out of scope for our security policy and bug bounty program: | ||
|
|
||
| - Third-party libraries, dependencies, or services used by the project, unless specifically integrated or modified by us. | ||
| - Vulnerabilities in the underlying blockchain platform or network, such as Ethereum or Base. | ||
| - Social engineering attacks or phishing attempts. | ||
| - Denial of Service (DoS) attacks or other network-related issues. | ||
|
|
||
| ## Responsible Disclosure | ||
|
|
||
| We kindly request that you follow responsible disclosure practices when reporting security vulnerabilities. This includes: | ||
|
|
||
| - Providing us with sufficient time to investigate and address the vulnerability before public disclosure. | ||
| - Not exploiting the vulnerability for personal gain or causing harm to the project, its users, or any other parties. | ||
| - Respecting the confidentiality of the disclosure process and not sharing information about the vulnerability with others until it has been addressed. | ||
|
|
||
| ## Contact | ||
|
|
||
| If you have any questions or concerns regarding the security of the Covalent EWM light-client project, please contact us at <pranay@covalenthq.com>. | ||
|
|
||
| We appreciate your efforts in helping us maintain the security and integrity of our project. Thank you for your responsible disclosure and collaboration. |
Large diffs are not rendered by default.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
2 changes: 1 addition & 1 deletion
2
artifacts/contracts/EwmNftController.sol/EwmNftController.dbg.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,4 +1,4 @@ | ||
| { | ||
| "_format": "hh-sol-dbg-1", | ||
| "buildInfo": "../../build-info/594153a591a4551107adf872b934d932.json" | ||
| "buildInfo": "../../build-info/1569bc7b14b3f8ff2b11ffc488079934.json" | ||
| } |
4 changes: 2 additions & 2 deletions
4
artifacts/contracts/EwmNftController.sol/EwmNftController.json
Large diffs are not rendered by default.
Oops, something went wrong.