## Formal Verification
- Add TLA+ specs for UTXO conservation (formal/tla/UTXOConservation.tla)
- Add TLA+ specs for GHOSTDAG ordering (formal/tla/GHOSTDAGOrdering.tla)
- Add mathematical proof of DAA convergence (formal/proofs/)
- Document Kani verification approach (formal/kani/)

## Bug Bounty Program
- Add SECURITY.md with vulnerability disclosure process
- Add docs/BUG_BOUNTY.md with $500-$100,000 reward tiers
- Define scope, rules, and response SLA

## Web Wallet Dilithium3 WASM Integration
- Build WASM module via Docker (498KB optimized)
- Add wasm-crypto.ts lazy loader for Dilithium3
- Add createHybridSignatureLocal() for full client-side signing
- Add createHybridSignatureSmart() for auto-mode selection
- Add Dockerfile.wasm and build scripts

## Security Review ($0 Approach)
- Add .github/workflows/security.yml CI workflow
- Add deny.toml for cargo-deny license/security checks
- Add Dockerfile.security for audit container
- Add scripts/security-audit.sh for local audits
- Configure cargo-audit, cargo-deny, cargo-geiger, gitleaks
12 lines
537 B
Markdown
# INSTRUCTIONS TO FOLLOW

## ALWAYS DO

1. Build and deploy changes to Docker Desktop for every kind of development environment, for debugging, and for testing. Deploy on Docker Desktop, then use the assigned ports for the work.
2. Use a unique reserved set of ports for this project.
3. Always commit and push the code to the main branch after a milestone or phase is completed.

## NEVER DO

1. Never build anything on localhost (the local machine) directly without deploying the builds on Docker Desktop.
2. Never use default or varying ports.