silken_net

Miradi inayofuata mazoea bora hapa chini inaweza kujihakikisha kwa hiari na kuonyesha kuwa wamepata nishani ya mazoea bora ya Open Source Security Foundation (OpenSSF).

Hakuna seti ya mazoea yawezayo kuhakikisha kuwa programu haitakuwa na kasoro au udhaifu; hata mbinu rasmi zinaweza kushindwa ikiwa vipimo au dhana ni sahihi. Wala hakuna seti ya mazoea yawezayo kuhakikisha kuwa mradi utaendelea kuwa na jamii ya maendeleo yenye afya na inayofanya kazi vizuri. Hata hivyo, kufuata mazoea bora kunaweza kusaidia kuboresha matokeo ya miradi. Kwa mfano, baadhi ya mazoea huwezesha ukaguzi wa watu wengi kabla ya kutolewa, ambayo inaweza kusaidia kupata udhaifu wa kiufundi ambao vinginevyo ni vigumu kupata na kusaidia kujenga uaminifu na hamu ya mwingiliano wa kurudia kati ya wasanidi programu kutoka makampuni tofauti. Ili kupata nishani, vigezo vyote vya LAZIMA na LAZIMA WALA USIWAHI lazima vifuatwe, vigezo vyote vya INAPASWA lazima vifuatwe AU visivyo fufufutiliana na thibitisho, na vigezo vyote vya PENDEKEZA lazima vifuatwe AU visivyo fufufutiliana (tunataka vifikiwe angalau). Ikiwa unataka kuingiza maandishi ya thibitisho kama maoni ya jumla, badala ya kuwa maelezo ya busara kwamba hali ni inakubaliwa, anza kifungu cha maandishi na '//' ikifuatiwa na nafasi. Maoni ni karibu kupitia tovuti ya GitHub kama masuala au maombi ya kuvuta Kuna pia orodha ya barua pepe kwa majadiliano ya jumla.

Tunafuraha kutoa habari katika lugha nyingi, hata hivyo, ikiwa kuna mgongano au kutokuwa na usawa kati ya tafsiri, toleo la Kiingereza ni toleo lenye mamlaka.
Ikiwa huu ni mradi wako, tafadhali onyesha hadhi ya nishani yako kwenye ukurasa wa mradi wako! Hadhi ya nishani inaonekana kama hii: Kiwango cha nishani kwa mradi 13358 ni silver Hapa ni jinsi ya kuiweka:
Unaweza kuonyesha hali ya nishani yako kwa kuweka hii katika faili yako ya markdown:
[![OpenSSF Best Practices](https://www.bestpractices.dev/projects/13358/badge)](https://www.bestpractices.dev/projects/13358)
au kwa kuweka hii katika HTML yako:
<a href="https://www.bestpractices.dev/projects/13358"><img src="https://www.bestpractices.dev/projects/13358/badge"></a>


Hizi ni vigezo vya kiwango cha Fedha. Unaweza pia kuangalia vigezo vya kiwango cha Kupita au Dhahabu.

Baseline Series: Kiwango cha Msingi 1 Kiwango cha Msingi 2 Kiwango cha Msingi 3

        

 Misingi 17/17

  • Jumla

    Kumbuka kwamba miradi mingine inaweza kutumia jina sawa.

    Silken Net: a trustless, decentralized D-MRV / Nature-as-a-Service (NaaS) platform for planetary-scale forest-health monitoring. Edge IoT sensors in trees bridge to the Polygon blockchain via a Chainlink oracle, minting Silken Carbon (SCC) and Silken Forest (SFC) tokens from verified biomass-growth telemetry; a Lorenz-attractor homeostasis signal guards against fraud.

    Tafadhali tumia muundo wa maneno ya leseni ya SPDX; mifano ni pamoja na "Apache-2.0", "BSD-2-Clause", "BSD-3-Clause", "GPL-2.0+", "LGPL-3.0+", "MIT", na "(BSD-2-Clause OR Ruby)". Usitumie alama za nukuu za moja au mbili.
    Ikiwa kuna lugha zaidi ya moja, ziorodhe kama thamani zilizotengwa kwa koma (nafasi ni za hiari) na ziorodhe kuanzia iliyotumiwa zaidi hadi iliyotumiwa kidogo. Ikiwa kuna orodha ndefu, tafadhali orodhesha angalau tatu za kawaida zaidi. Ikiwa hakuna lugha (k.m., huu ni mradi wa nyaraka tu au wa majaribio tu), tumia herufi moja "-". Tafadhali tumia herufi kubwa za kawaida kwa kila lugha, k.m., "JavaScript".
    Common Platform Enumeration (CPE) ni mpango wa kuweka majina yenye muundo kwa mifumo ya teknolojia ya habari, programu, na vifurushi. Inatumika katika mifumo na hifadhidata nyingi wakati wa kuripoti udhaifu.

    Honest TRL: backend TRL 8, firmware TRL 6, bio-anchor TRL 3; multi-zone licensing — see NOTICE.

  • Mahitaji ya awali


    Mradi LAZIMA ufikie nishani ya kiwango cha kuhitimu. [achieve_passing]

  • Maudhui ya kimsingi ya tovuti ya mradi


    Habari juu ya jinsi ya kuchangia LAZIMA ijumuishe mahitaji ya michango inayokubalika (k.m., rejea kwa kiwango chochote kinachohitajika cha msimbo). (URL inahitajika) [contribution_requirements]

    CONTRIBUTING.md "Requirements for acceptable contributions" lists the checks every contribution must pass, per domain: Ruby/Rails — RuboCop, RSpec, Brakeman, bundler-audit; Python — Ruff; firmware — host test suite (make -C firmware/test); Solidity — forge build/test. It also requires matching the surrounding code style and keeping the docs/ single source of truth updated.
    https://github.com/Alexey-Lukin/silken_net/blob/main/CONTRIBUTING.md#requirements-for-acceptable-contributions


  • Usimamizi wa mradi


    Mradi UNAPASWA kuwa na utaratibu wa kisheria ambapo wasanidi wote wa kiasi kisicho kidogo cha programu ya mradi wanathibitisha kwamba wameruhusiwa kisheria kufanya michango hii. Mbinu ya kawaida na rahisi ya kutekeleza hii ni kwa kutumia Cheti cha Msanidi cha Asili (DCO), ambapo watumiaji huongeza "signed-off-by" katika ahadi zao na mradi unaunganisha kwenye tovuti ya DCO. Hata hivyo, hii YAWEZA kutekelezwa kama Makubaliano ya Leseni ya Mchangiaji (CLA), au utaratibu mwingine wa kisheria. (URL inahitajika) [dco]
    DCO ni utaratibu unaopendekeza kwa sababu ni rahisi kutekeleza, kufuatilia katika msimbo wa chanzo, na git inasaidia moja kwa moja kipengele cha "signed-off" kwa kutumia "commit -s". Ili kuwa na ufanisi zaidi ni bora ikiwa nyaraka za mradi zinaeleza maana ya "signed-off" kwa mradi huo. CLA ni makubaliano ya kisheria yanayofafanua masharti ambayo kazi za kiakili zimetolewa leseni kwa shirika au mradi. Makubaliano ya mgawo wa mchangiaji (CAA) ni makubaliano ya kisheria yanayohamisha haki katika kazi ya kiakili kwa chama kingine; miradi haihitajiki kuwa na CAA, kwa kuwa kuwa na CAA huongeza hatari kwamba wachangiaji watarajiwa hawatachangia, hasa ikiwa mpokeaji ni shirika la faida. Apache Software Foundation CLAs (leseni ya mchangiaji wa mtu binafsi na CLA ya kampuni) ni mifano ya CLA, kwa miradi ambayo inaamua kwamba hatari za aina hizi za CLA kwa mradi ni chini ya manufaa yao.

    The project uses the Developer Certificate of Origin (DCO) 1.1 as its contributor-authorization mechanism, documented in CONTRIBUTING.md: by signing off a commit (git commit -s, adding a Signed-off-by trailer) a contributor certifies they wrote the patch or otherwise have the right to submit it under the project's licenses. It complements the inbound=outbound "License of contributions" statement in the same file. (The first DCO-signed commit is already in history.)
    https://github.com/Alexey-Lukin/silken_net/blob/main/CONTRIBUTING.md#developer-certificate-of-origin-dco
    https://developercertificate.org/



    Mradi LAZIMA ufafanue kwa uwazi na kuandika muundo wake wa utawala wa mradi (njia ya kufanya maamuzi, ikiwa ni pamoja na majukumu muhimu). (URL inahitajika) [governance]
    Kunahitaji kuwa na njia fulani iliyowekwa vyema ya kuandikwa ya kufanya maamuzi na kutatua migogoro. Katika miradi midogo, hii inaweza kuwa rahisi kama "mmiliki wa mradi na kiongozi hufanya maamuzi yote ya mwisho". Kuna miundo mbalimbali ya utawala, ikiwa ni pamoja na dictator wa wema na meritocracy rasmi; kwa maelezo zaidi, angalia Miundo ya utawala. Mbinu zote mbili za kati (k.m., mtunzaji mmoja) na zisizo za kati (k.m., watunzaji wa kikundi) zimetumika kwa mafanikio katika miradi. Habari za utawala hazihitajiki kuandika uwezekano wa kuunda uma wa mradi, kwa kuwa hiyo ni iwezekanavyo kila wakati kwa miradi ya FLOSS.

    The project's governance is documented in GOVERNANCE.md: Silken Net uses a single-maintainer ("benevolent dictator") model — the founder and sole maintainer (Oleksii Lukin, @Alexey-Lukin) makes all final technical, architectural and release decisions. Day-to-day changes land via the CONTRIBUTING.md pull-request flow with maintainer review (CODEOWNERS); architecture is decided documentation-first in the SSOT docs. This project (development) governance is explicitly distinct from the on-chain SFC DAO that governs the deployed protocol's parameters (docs/05_06).
    https://github.com/Alexey-Lukin/silken_net/blob/main/GOVERNANCE.md



    Mradi LAZIMA upitishe kanuni ya mwenendo na kuiweka mahali pa kawaida. (URL inahitajika) [code_of_conduct]
    Miradi inaweza kuweza kuboresha uadilifu wa jamii yao na kuweka matarajio kuhusu tabia inayokubalika kwa kupitisha kanuni ya mwenendo. Hii inaweza kusaidia kuepuka matatizo kabla hayajatokea na kufanya mradi kuwa mahali pa kukaribishwa zaidi ili kuhimiza michango. Hii inapaswa kuzingatia tu tabia ndani ya jamii/mahali pa kazi pa mradi. Mifano ya kanuni za mwenendo ni kanuni ya mwenendo ya kernel ya Linux, Kanuni ya Mwenendo ya Agano la Mchangiaji, Kanuni ya Mwenendo ya Debian, Kanuni ya Mwenendo ya Ubuntu, Kanuni ya Mwenendo ya Fedora, Kanuni ya Mwenendo ya GNOME, Kanuni ya Mwenendo ya Jamii ya KDE, Kanuni ya Mwenendo ya Jamii ya Python, Mwongozo wa Mwenendo wa Jamii ya Ruby, na Kanuni ya Mwenendo ya Rust.

    The project has adopted the Contributor Covenant 2.1 as its code of conduct, posted in the standard top-level location CODE_OF_CONDUCT.md (GitHub surfaces it on the repository's Community page and when opening issues/PRs). It defines expected and unacceptable behavior, scope, and a reporting/enforcement process with a contact.
    https://github.com/Alexey-Lukin/silken_net/blob/main/CODE_OF_CONDUCT.md



    Mradi LAZIMA ufafanue kwa uwazi na kuandika hadharani majukumu muhimu katika mradi na wajibu wao, ikiwa ni pamoja na kazi zozote ambazo majukumu hayo lazima yafanywe. Lazima iwe wazi ni nani ana jukumu lipi, ingawa hii haiwezi kuandikwa kwa njia ile ile. (URL inahitajika) [roles_responsibilities]
    Nyaraka kwa utawala na majukumu na wajibu zinaweza kuwa mahali pamoja.

    The project's key roles and responsibilities are documented in GOVERNANCE.md (the "Roles" section): Maintainer / Lead — Oleksii Lukin (@Alexey-Lukin) — responsible for final decisions, code review, releases and security response; Contributors — anyone — propose changes via pull requests (CONTRIBUTING.md). It is clear who holds the maintainer role. Governance and roles are documented together, as this criterion permits.
    https://github.com/Alexey-Lukin/silken_net/blob/main/GOVERNANCE.md#roles



    Mradi LAZIMA uweze kuendelea kwa usumbufu mdogo ikiwa mtu yeyote anakufa, anakuwa katika hali ya kudhoofika, au vinginevyo hawezi au hataki kuendelea kusaidia mradi. Hasa, mradi LAZIMA uweze kuunda na kufunga masuala, kukubali mabadiliko yaliyopendekezwa, na kutoa matoleo ya programu, ndani ya wiki moja ya uthibitishaji wa upotevu wa msaada kutoka kwa mtu yeyote mmoja. Hii INAWEZA kufanywa kwa kuhakikisha mtu mwingine ana funguo zozote zinazohitajika, nywila, na haki za kisheria ili kuendelea mradi. Watu binafsi wanaoendesha mradi wa FLOSS WANAWEZA kufanya hii kwa kuweka funguo katika sanduku la kufungia na wosia unaowezesha haki zozote zinazohitajika za kisheria (k.m., kwa majina ya DNS). (URL inahitajika) [access_continuity]

    The project is fully FLOSS (AGPL-3.0-or-later) with all source, history, issues, pull requests and releases public on GitHub, the docs mirrored to the wiki, and contracts/telemetry on public chains — nothing required to continue the project is held in a private silo. As documented in GOVERNANCE.md ("Continuity"), if the sole maintainer becomes unavailable any contributor can fork the public repository and, within a week, create/close issues, accept proposed changes, and cut releases (release-please + standard GitHub Releases need no private key); the AGPL licence grants the legal rights to do so. Additional maintainers will be added as the project grows.
    https://github.com/Alexey-Lukin/silken_net/blob/main/GOVERNANCE.md#continuity



    Mradi INAPASWA kuwa na "bus factor" ya 2 au zaidi. (URL inahitajika) [bus_factor]
    "Bus factor" (pia inajulikana kama "truck factor") ni idadi ya chini ya washiriki wa mradi ambao wanapaswa kutoweka ghafla kutoka kwenye mradi ("kupigwa na basi") kabla ya mradi kusimama kwa sababu ya ukosefu wa wafanyakazi wenye elimu au wenye uwezo. Zana ya truck-factor inaweza kukadiria hii kwa miradi kwenye GitHub. Kwa maelezo zaidi, angalia Kutathmini Bus Factor ya Hifadhi za Git na Cosentino et al.

    Unmet — the project currently has a single maintainer, so its bus factor is 1. This is mitigated: the project is fully FLOSS with all code, history, issues and releases public on GitHub (forkable by anyone — see GOVERNANCE.md "Continuity"), so loss of the maintainer does not lose the project, only its stewardship. The maintainer intends to add co-maintainers as the contributor base grows, raising the bus factor to 2+.
    https://github.com/Alexey-Lukin/silken_net/blob/main/GOVERNANCE.md#continuity


  • Nyaraka


    Mradi LAZIMA uwe na ramani ya barabara iliyoandikwa inayoeleza kile mradi unakusudia kufanya na kutofanya kwa angalau mwaka unaofuata. (URL inahitajika) [documentation_roadmap]
    Mradi huenda usitimiza ramani ya barabara, na hiyo ni sawa; kusudi la ramani ya barabara ni kusaidia watumiaji na wachangiaji watarajiwa kuelewa mwelekeo unaokusudiwa wa mradi. Haihitaji kuwa na maelezo mengi.

    The project has a documented roadmap in docs/00_01 (Vision, Mission & Roadmap), §4 "High-Level Roadmap", with dated phases — Phase 1 "The First Breath" (2026: R&D + validation), Phase 2 "The Cyber-Physical State" (2027-2028: regional expansion), Phase 3 "Planetary Scale" (2029-2030) — well beyond the next year. What is deliberately out of near-term scope is separated into the far-horizon agenda (docs/00_08, 2030-2040+, explicitly not TRL-gated). Near-term intended work is tracked live in docs/00_07.
    https://github.com/Alexey-Lukin/silken_net/blob/main/docs/00_01_Vision_Mission_and_Roadmap.md



    Mradi LAZIMA ujumuishe nyaraka za muundo (pia inajulikana kama muundo wa kiwango cha juu) wa programu inayozalishwa na mradi. Ikiwa mradi hauzalishi programu, chagua "haihusiki" (N/A). (URL inahitajika) [documentation_architecture]
    Muundo wa programu unaeleza miundo ya msingi ya programu, yaani, vipengele vikuu vya programu, uhusiano kati yao, na mali muhimu za vipengele na uhusiano hivi.

    The architecture is documented as the 8-level SilkenNet stack (L1 biophysics / Ti-6Al-4V anchor + EBFC → L3 firmware + edge AI → L5 Rails backend → L7 Polygon/DeFi → L8 Ethereum L1 finalization): the high-level diagram and the multichain / tech-stack tables are in the README, the canonical system map and reading order in docs/00_00, and each layer's detailed design has its own module (e.g. docs/02_01 hardware architecture, docs/05_01 multichain). The major components, their relationships and key properties are all covered.
    https://github.com/Alexey-Lukin/silken_net/blob/main/docs/00_00_SSOT_Index.md
    https://github.com/Alexey-Lukin/silken_net#readme



    Mradi LAZIMA uandike kile mtumiaji anaweza na asiweze kutarajia kwa suala la usalama kutoka kwa programu inayozalishwa na mradi ("mahitaji yake ya usalama"). (URL inahitajika) [documentation_security]
    Haya ni mahitaji ya usalama ambayo programu inakusudiwa kukidhi.

    The project's security expectations and limitations are documented. SECURITY.md states the in-scope components and a "Known, documented limitations" section that openly states what users should NOT expect today — e.g. the transitional AES-128-ECB LoRa link (no MAC/IV yet, bench-gated for migration to authenticated AES-128-CCM), with the open security backlog tracked in docs/00_07 (SEC.*). The intended security model the software aims to meet — AES-128-CCM (LoRa) / AES-256-CBC+GCM (CoAP + at-rest), SE050 secure element, per-device HKDF keys, IV/nonce generation, and the PQC migration roadmap — is the canonical SSOT in docs/03_05.
    https://github.com/Alexey-Lukin/silken_net/blob/main/SECURITY.md
    https://github.com/Alexey-Lukin/silken_net/blob/main/docs/03_05_Hardware_Symmetric_Crypto_and_Security.md



    Mradi LAZIMA utoe mwongozo wa "kuanza haraka" kwa watumiaji wapya kuwasaidia kufanya kitu haraka na programu. (URL inahitajika) [documentation_quick_start]
    Wazo ni kuonyesha watumiaji jinsi ya kuanza na kufanya programu ifanye chochote. Hii ni muhimu sana kwa watumiaji watarajiwa kuanza.

    The README has a "Quick Start" section: clone the repo, bundle install, bin/rails db:prepare, bin/dev (Rails + Sidekiq + Tailwind + CoAP listener), then bin/rails db:seed + bin/forest_simulator to generate live telemetry without any hardware — so a new user can get the system doing something within minutes. CONTRIBUTING.md also links to it.
    https://github.com/Alexey-Lukin/silken_net#readme



    Mradi LAZIMA ufanye jitihada ya kuweka nyaraka kulingana na toleo la sasa la matokeo ya mradi (ikiwa ni pamoja na programu inayozalishwa na mradi). Kasoro yoyote inayojulikana ya nyaraka inayofanya isilingane LAZIMA irekebishwe. Ikiwa nyaraka kwa ujumla ni za sasa, lakini kwa makosa inajumuisha baadhi ya maelezo ya zamani ambayo sio ya kweli tena, ichukue tu kama kasoro, kisha ifuatilie na urekebishe kama kawaida. [documentation_current]
    Nyaraka ZINAWEZA kujumuisha habari kuhusu tofauti au mabadiliko kati ya matoleo ya programu na/au kuunganisha kwa matoleo ya zamani ya nyaraka. Kusudi la kigezo hiki ni kwamba jitihada inafanywa ili kuweka nyaraka kulingana, siyo kwamba nyaraka lazima ziwe kamili.

    Documentation currency is a first-class, mechanically-enforced discipline — the project's core "SSOT" methodology (docs/00_06). Beyond "making an effort", the docs.yml CI workflow is the single home for structural doc gates that actively prevent drift: docs:check_refs (dangling cross-refs, deprecated/retired terms, owner-only vocabulary such as the RTC register map and Lorenz constants, ToC sync — 27 drift linters in lib/docs_linter.rb), tracker:check (the action-plan tracker), and a code↔doc registry gate (scripts/model_doc_sync.rb maps app/models and app/services 1:1 to their doc sections). Any documented value that drifts from the code fails CI. The one-home rule (one fact, one canonical doc — 00_06 §2) is the standing principle; known inconsistencies are tracked and fixed in docs/00_07.
    https://github.com/Alexey-Lukin/silken_net/blob/main/docs/00_06_SSOT_Documentation_Standard.md
    https://github.com/Alexey-Lukin/silken_net/blob/main/.github/workflows/docs.yml



    Ukurasa wa mbele wa hifadhi ya mradi na/au tovuti LAZIMA utambulishe na kuunganisha kiungo kwa mafanikio yoyote, ikiwa ni pamoja na nishani hii ya mazoea bora, ndani ya masaa 48 ya kutambua hadharani kwamba ufanikio umepatikana. (URL inahitajika) [documentation_achievements]
    Ufanikio ni seti yoyote ya vigezo vya nje ambavyo mradi umefanya kazi mahususi kukidhi, ikiwa ni pamoja na nishani fulani. Habari hii haihitaji kuwa kwenye ukurasa wa mbele wa tovuti ya mradi. Mradi unaotumia GitHub unaweza kuweka mafanikio kwenye ukurasa wa mbele wa hifadhi kwa kuyaongeza kwenye faili ya README.

    The repository front page (README) identifies and hyperlinks the project's achievements at the very top: the OpenSSF Best Practices badge (passing — project 13358) and the OpenSSF Scorecard badge, each linking to its source page. The badges are also on the wiki landing page (docs/00_00). They were added and updated as the badge progressed (in_progress → passing), within the 48-hour window.
    https://github.com/Alexey-Lukin/silken_net#readme


  • Ufikiaji na kimataifa


    Mradi (tovuti zote za mradi na matokeo ya mradi) INAPASWA kufuata mazoea bora ya ufikiaji ili watu wenye ulemavu bado waweze kushiriki katika mradi na kutumia matokeo ya mradi ambapo ni busara kufanya hivyo. [accessibility_best_practices]
    Kwa programu za wavuti, angalia Miongozo ya Ufikiaji wa Maudhui ya Wavuti (WCAG 2.0) na hati yake inayosaidia Kuelewa WCAG 2.0; angalia pia habari za ufikiaji za W3C. Kwa programu za GUI, zingatia kutumia miongozo ya ufikiaji ya mazingira maalum (kama vile Gnome, KDE, XFCE, Android, iOS, Mac, na Windows). Baadhi ya programu za TUI (k.m., programu za `ncurses`) zinaweza kufanya mambo fulani ili kuzifanya kufikika zaidi (kama mpangilio wa `force-arrow-cursor` wa `alpine`). Programu nyingi za mstari wa amri zinafikika vizuri kama zilivyo. Kigezo hiki mara nyingi ni N/A, k.m., kwa maktaba za programu. Hapa kuna baadhi ya mifano ya hatua za kuchukua au masuala ya kuzingatia:
    • Toa mbadala za maandishi kwa maudhui yoyote yasiyo ya maandishi ili yaweze kubadilishwa kuwa aina nyingine watu wanahitaji, kama vile chapa kubwa, braille, hotuba, alama au lugha rahisi zaidi ( mwongozo wa WCAG 2.0 1.1)
    • Rangi haitumiwi kama njia pekee ya kuona ya kuwasilisha habari, kuashiria kitendo, kuchochea jibu, au kutofautisha kipengele cha kuona. ( mwongozo wa WCAG 2.0 1.4.1)
    • Uwasilishaji wa kuona wa maandishi na picha za maandishi una uwiano wa tofauti wa angalau 4.5:1, isipokuwa kwa maandishi makubwa, maandishi ya bahati mbaya, na nembo ( mwongozo wa WCAG 2.0 1.4.3)
    • Fanya kazi zote zipatikane kutoka kwenye kibodi (mwongozo wa WCAG 2.1)
    • Mradi wa GUI au wa wavuti INAPASWA kupima na angalau kipaza sauti kimoja cha skrini kwenye jukwaa la lengo (k.m., NVDA, Jaws, au WindowEyes kwenye Windows; VoiceOver kwenye Mac & iOS; Orca kwenye Linux/BSD; TalkBack kwenye Android). Programu za TUI ZINAWEZA kufanya kazi kupunguza uchanganyiko wa ziada ili kuzuia usomaji wa ziada na vipaza sauti vya skrini.

    The web frontend (Phlex + Turbo + Tailwind) follows accessibility best practices: visible keyboard focus indicators via Tailwind focus-visible: utilities (used in ~48 components), ARIA semantics (role and aria-live attributes), light/dark theming plus prefers-reduced-motion and prefers-contrast media-query handling in the stylesheet, semantic Phlex components (navigation, pagination, locale switcher, mobile-nav toggle), and a design system that drives all colour through semantic tokens (supporting contrast and theme adaptation). The UI accessibility conventions are documented in docs/04_04 (Phlex UI & Tailwind).
    https://github.com/Alexey-Lukin/silken_net/blob/main/docs/04_04_Phlex_UI_and_Tailwind.md



    Programu iliyozalishwa na mradi INAPASWA kuwa kimataifa ili kuwezesha upatanifu wa lugha wa rahisi kwa utamaduni, eneo, au lugha ya hadhira lengo. Ikiwa kimataifa (i18n) haihusiki (k.m., programu haizalishi maandishi yanayokusudiwa kwa watumiaji wa mwisho na haipangi maandishi yanayosomeka na binadamu), chagua "haihusiki" (N/A). [internationalization]
    Upatanifu wa lugha "unarejelea upatanifu wa bidhaa, programu au maudhui ya hati ili kukidhi lugha, utamaduni na mahitaji mengine ya soko mahususi la lengo (eneo)." Kimataifa ni "muundo na maendeleo ya bidhaa, programu au maudhui ya hati ambayo huwezesha upatanifu wa lugha wa rahisi kwa hadhira lengo zinazotofautiana katika utamaduni, eneo, au lugha." (Ona "Upatanifu wa Lugha dhidi ya Kimataifa" ya W3C.) Programu inakidhi kigezo hiki kwa kuwa kimataifa tu. Hakuna upatanifu wa lugha kwa lugha nyingine mahususi unaohitajika, kwa kuwa mara tu programu imekuwa kimataifa inawezekana kwa wengine kufanya kazi kwenye upatanifu wa lugha.

    The software is internationalized using Rails i18n: user-facing strings go through I18n.t (148 files) rather than being hardcoded, message catalogues live in config/locales (currently English, Ukrainian, Lithuanian and Latvian), and the UI includes a locale switcher component. Adding a new locale is a matter of dropping in another YAML catalogue — no code changes — exactly what this criterion asks for.
    https://github.com/Alexey-Lukin/silken_net/tree/main/config/locales


  • Mengine


    Ikiwa tovuti za mradi (tovuti, hifadhi, na URL za kupakua) zinahifadhi nywila kwa ajili ya uthibitishaji wa watumiaji wa nje, nywila LAZIMA zihifadhiwe kama mificho iliyorudiwa na chumvi kwa-mtumiaji kwa kutumia kanuni ya upanuaji (iliyorudiarudia) wa funguo (k.m., Argon2id, Bcrypt, Scrypt, au PBKDF2). Ikiwa tovuti za mradi hazihifadhi nywila kwa kusudi hili, chagua "haihusiki" (N/A). [sites_password_security]
    Kumbuka kwamba matumizi ya GitHub yanakidhi kigezo hiki. Kigezo hiki kinatumika tu kwa nywila zinazotumika kwa ajili ya uthibitishaji wa watumiaji wa nje kwenye tovuti za mradi (pia inaitwa uthibitishaji wa ndani). Ikiwa tovuti za mradi lazima ziingie kwenye tovuti zingine (pia inaitwa uthibitishaji wa nje), zinaweza kuhitaji kuhifadhi ishara za uidhinishaji kwa kusudi hilo kwa njia tofauti (kwa kuwa kuhifadhi mficho hakuna maana). Hii inatumia kigezo cha crypto_password_storage kwa tovuti za mradi, sawa na sites_https.

    The project's sites — the repository, the project home page (the GitHub wiki), and the download/release URLs — are all hosted on GitHub. As this criterion explicitly notes, the use of GitHub meets the requirement: external-user authentication and any password storage for these sites is handled by GitHub, not by the project. (Separately, the software produced by the project stores its own end-user passwords with Argon2id + per-user salt — covered under crypto_password_storage.)
    https://github.com/Alexey-Lukin/silken_net


 Udhibiti wa Mabadiliko 1/1

  • Matoleo ya awali


    Mradi LAZIMA utunze matoleo ya zamani yaliyotumika mara nyingi ya bidhaa au kutoa njia ya usasishaji kwa matoleo mapya. Ikiwa njia ya usasishaji ni ngumu, mradi LAZIMA uandike jinsi ya kufanya usasishaji (k.m., violesura vilivyobadilika na hatua zilizoanishwa kwa undani ili kusaidia usasishaji). [maintenance_or_update]

    The project provides a clear upgrade path to newer versions. It uses Semantic Versioning (managed by release-please) and publishes a human-readable CHANGELOG documenting the features and fixes in each release, so users can see exactly what changed when moving between versions. The backend is a continuously-deployed service (users run the latest); the firmware and smart contracts follow the same versioned releases. At this stage (v0.x) upgrades are not breaking-complex, so updating to the newest release is the upgrade path, and any future breaking change will be documented in the CHANGELOG / release notes with the steps needed.
    https://github.com/Alexey-Lukin/silken_net/blob/main/CHANGELOG.md
    https://github.com/Alexey-Lukin/silken_net/releases


 Kuripoti 3/3

  • Mchakato wa kuripoti hitilafu


    Mradi LAZIMA utumie kifuatiliaji cha masuala kwa ajili ya kufuatilia masuala ya mtu binafsi. [report_tracker]

    The project uses GitHub Issues as its issue tracker for individual issues.
    https://github.com/Alexey-Lukin/silken_net/issues


  • Mchakato wa kuripoti udhaifu


    Mradi LAZIMA utoe sifa kwa waripoti wa ripoti zote za udhaifu zilizotatuliwa katika miezi 12 iliyopita, isipokuwa kwa waripoti wanaoomba kutojulikana. Ikiwa hakuna udhaifu uliotatuliwa katika miezi 12 iliyopita, chagua "haihusiki" (N/A). (URL inahitajika) [vulnerability_report_credit]

    N/A — no vulnerability reports have been received or resolved in the last 12 months (zero repository security advisories), so there are no reporters to credit. The credit practice for when a report is resolved is now documented in SECURITY.md ("Credit"): reporters are credited in the advisory and/or release notes unless they request anonymity.
    https://github.com/Alexey-Lukin/silken_net/blob/main/SECURITY.md



    Mradi LAZIMA uwe na mchakato ulioandikwa kwa ajili ya kujibu ripoti za udhaifu. (URL inahitajika) [vulnerability_response_process]
    Hii ina uhusiano mkubwa na vulnerability_report_process, ambayo inahitaji kuwa kuna njia iliyoandikwa ya kuripoti udhaifu. Pia inahusiana na vulnerability_report_response, ambayo inahitaji majibu kwa ripoti za udhaifu ndani ya kipindi fulani cha muda.

    The process for responding to vulnerability reports is documented in SECURITY.md: reports are received privately via GitHub Security Advisories, acknowledged within 72 hours, with a fix or mitigation for high-severity issues targeted within 14 days; the in-scope components, openly-tracked known limitations, and a safe-harbor statement are also included. The open security backlog is tracked in docs/00_07 (SEC.*).
    https://github.com/Alexey-Lukin/silken_net/blob/main/SECURITY.md


 Ubora 19/19

  • Viwango vya msimbo


    Mradi LAZIMA utambulishe miongozo mahususi ya mtindo wa kuandika msimbo kwa lugha kuu inazotumia, na uhitaji kwamba michango kwa ujumla ikidhi. (URL inahitajika) [coding_standards]
    Katika hali nyingi hii inafanywa kwa kurejelea baadhi ya miongozo ya mtindo iliyopo, huenda ikiorodhesha tofauti. Miongozo hii ya mtindo inaweza kujumuisha njia za kuboresha usomaji na njia za kupunguza uwezekano wa kasoro (ikiwa ni pamoja na udhaifu). Lugha nyingi za programu zina miongozo moja au zaidi ya mtindo inayotumika sana. Mifano ya miongozo ya mtindo ni pamoja na miongozo ya mtindo ya Google na Viwango vya Kuandika Msimbo wa SEI CERT.

    The project identifies a specific coding style guide for each primary language, documented in CONTRIBUTING.md ("Coding standards"): Ruby — the Rails Omakase RuboCop style (.rubocop.yml inherits rubocop-rails-omakase); Python — Ruff (ruff.toml, a curated pycodestyle/pyflakes/isort/pyupgrade/bugbear ruleset); firmware C — -Wall -Wextra -Wpedantic + cppcheck (MISRA C:2012 advisory); Solidity — forge fmt; C# — .editorconfig (.NET conventions). Contributions are required to comply (CI must be green).
    https://github.com/Alexey-Lukin/silken_net/blob/main/CONTRIBUTING.md#requirements-for-acceptable-contributions



    Mradi LAZIMA utekeleze kiotomatiki mtindo wake wa kuandika msimbo uliochaguliwa ikiwa kuna angalau zana moja ya FLOSS inayoweza kufanya hivyo katika lugha zilizochaguliwa. [coding_standards_enforced]
    Hii INAWEZA kutekelezwa kwa kutumia zana za uchambuzi mkako na/au kwa kulazimisha msimbo kupitia vifaa vya kurekebisha msimbo. Katika hali nyingi usanidi wa zana umejumuishwa katika hifadhi ya mradi (kwa kuwa miradi tofauti inaweza kuchagua usanidi tofauti). Miradi INAWEZA kuruhusu vighairi vya mtindo (na kwa kawaida itaruhusu); ambapo vighairi vinatokea, LAZIMA viwe nadra na viandikwe katika msimbo katika maeneo yao, ili vighairi hivi viweze kukaguliwa na ili zana ziweze kuzishughulikia kiotomatiki baadaye. Mifano ya zana kama hizo ni pamoja na ESLint (JavaScript), Rubocop (Ruby), na devtools check (R).

    The selected styles are enforced automatically in CI by FLOSS tools, and a contribution that violates them fails the build: RuboCop (Ruby) and Ruff (Python) in the ci.yml lint jobs, cppcheck for firmware C (firmware_lint), and forge fmt / Slither for Solidity (solidity_audit.yml). Tool configs live in the repo (.rubocop.yml, ruff.toml, contracts/foundry.toml, tools/cad/.editorconfig). Exceptions are rare and documented in code at their locations — e.g. inline // cppcheck-suppress with a reason, and fingerprinted, annotated entries in config/brakeman.ignore.
    https://github.com/Alexey-Lukin/silken_net/blob/main/.github/workflows/ci.yml


  • Mfumo wa ujenzi unaofanya kazi


    Mifumo ya kujenga kwa binari za asili LAZIMA iheshimu vigezo (vya mazingira) vya mkusanyaji na vya kiunganishi vilivyopitishwa kwao (k.m., CC, CFLAGS, CXX, CXXFLAGS, na LDFLAGS) na kuvipitisha kwenye viito vya mkusanyaji na vya kiunganishi. Mfumo wa kujenga UNAWEZA kuvipanua na bendera za ziada; LAZIMA USIBADILISHE thamani zilizotolewa na zake mwenyewe. Ikiwa hakuna binari za asili zinazozalishwa, chagua "haihusiki" (N/A). [build_standard_variables]
    Inapaswa kuwa rahisi kuwezesha vipengele maalum vya kujenga kama Address Sanitizer (ASAN), au kutii mazoea bora ya ugumu wa usambazaji (k.m., kwa kuwezesha kwa urahisi bendera za mkusanyaji kufanya hivyo).

    The native-binary build (firmware/test/Makefile) honors the compiler/linker variables passed in via the environment or command line: CC ?= gcc (a packager can pass CC=clang) and CFLAGS += <project flags> (env/CLI CFLAGS are honored and the project EXTENDS them with its mandatory -std=c11 -I., never replacing). The recipes are single-invocation gcc compile+link, so linker flags carried in CFLAGS (e.g. -Wl,-z,relro) reach the linker too — making it easy to enable ASAN or distribution-hardening flags. Verified: an env CFLAGS value passes through to the compiler, and CI (firmware_test) is green. (The Rails backend and Solidity contracts produce no native binaries.)
    https://github.com/Alexey-Lukin/silken_net/blob/main/firmware/test/Makefile



    Mfumo wa kujenga na usakinishaji UNAPASWA kuhifadhi taarifa za utatuzi ikiwa zimeombwa katika bendera husika (k.m., "install -s" haitumiwa). Ikiwa hakuna mfumo wa kujenga au usakinishaji (k.m., maktaba za kawaida za JavaScript), chagua "haihusiki" (N/A). [build_preserve_debug]
    K.m., kuweka CFLAGS (C) au CXXFLAGS (C++) inapaswa kuunda taarifa husika za utatuzi ikiwa lugha hizo zinatumika, na hazipaswi kuondolewa wakati wa usakinishaji. Taarifa za utatuzi zinahitajika kwa msaada na uchambuzi, na pia ni muhimu kwa kupima uwepo wa vipengele vya ugumu katika binari zilizokusanywa.

    The build preserves debugging information when requested: passing CFLAGS="-g" is honored by the Makefile (CFLAGS += extends the user's flags) so debug info is generated, and the firmware host tests run in place and are never installed with stripping (there is no "install -s" / strip step). The dedicated coverage (--coverage) and ASAN (-g) lanes also build with debug/instrumentation symbols. (The Rails backend and Solidity contracts have no native-binary build/install that strips symbols.)
    https://github.com/Alexey-Lukin/silken_net/blob/main/firmware/test/Makefile



    Mfumo wa kujenga kwa programu iliyozalishwa na mradi LAZIMA USIJENGA kwa njia ya kujirudia saraka ndogo ikiwa kuna utegemezi wa kukatana katika saraka ndogo. Ikiwa hakuna mfumo wa kujenga au usakinishaji (k.m., maktaba za kawaida za JavaScript), chagua "haihusiki" (N/A). [build_non_recursive]
    Taarifa ya utegemezi wa ndani ya mfumo wa kujenga wa mradi inahitaji kuwa sahihi, vinginevyo, mabadiliko ya mradi huenda yasijenge vizuri. Mijengo isiyo sahihi inaweza kusababisha kasoro (ikiwa ni pamoja na udhaifu). Kosa la kawaida katika mifumo mikubwa ya kujenga ni kutumia "ujenzi wa kujirudia" au "make ya kujirudia", yaani, mlingano wa saraka ndogo zinazojumuisha faili za chanzo, ambapo kila saraka ndogo inajengwa kwa uhuru. Isipokuwa kila saraka ndogo ni huru kabisa, hii ni kosa, kwa sababu taarifa ya utegemezi si sahihi.

    The build systems do not use recursive make over cross-dependent subdirectories. The only native build (firmware/test/Makefile) is a single, non-recursive Makefile: each target lists its full header/source dependencies and the shared firmware/common headers compile directly into each test via -I (no per-subdirectory independent builds). Its only $(MAKE) calls recurse into the same directory (the asan/coverage re-instrumented rebuilds), never into subdirectories, so the dependency information is complete and accurate. The other toolchains (Bundler, Foundry/forge, npm, conda) are not recursive-make either.
    https://github.com/Alexey-Lukin/silken_net/blob/main/firmware/test/Makefile



    Mradi LAZIMA uweze kurudia mchakato wa kuzalisha taarifa kutoka faili za chanzo na kupata matokeo sawa ya biti-kwa-biti. Ikiwa hakuna ujenzi unaofanyika (k.m., lugha za uandishi ambapo msimbo wa chanzo unatumika moja kwa moja badala ya kukusanywa), chagua "haihusiki" (N/A). [build_repeatable]
    Watumiaji wa GCC na clang wanaweza kupata chaguo la -frandom-seed kuwa na manufaa; katika hali fulani, hii inaweza kutatuliwa kwa kulazimisha aina fulani ya mpangilio. Mapendekezo zaidi yanaweza kupatikana kwenye tovuti ya ujenzi unaorudiwa.

    Builds and code-generation are reproducible bit-for-bit, and CI enforces it. Generated firmware artifacts are checked against their source on every run: tools/ml/scripts/check_firmware_tables.py regenerates the log-mel tables and fails if they differ from the committed headers, and tools/firmware/check_bytecode.py verifies the committed lorenz_bytecode.h matches bio_contract.rb; QEMU jobs additionally assert host↔Cortex-M4 bit-parity. Solidity bytecode is deterministic — solc is pinned (solc_version = 0.8.35) with fixed optimizer settings (foundry.toml), so forge build reproduces the same bytecode. (The Rails backend is interpreted Ruby — no compiled artifact.)
    https://github.com/Alexey-Lukin/silken_net/blob/main/.github/workflows/ci.yml


  • Mfumo wa usakinishaji


    Mradi LAZIMA utoe njia ya kusakinisha na kuondoa kwa urahisi programu iliyozalishwa na mradi kwa kutumia mkataba unaotumika sana. [installation_common]
    Mifano ni pamoja na kutumia meneja wa kifurushi (kwa mfumo au kiwango cha lugha), "make install/uninstall" (inasaidia DESTDIR), chombo katika muundo wa kawaida, au picha ya mashine pepe katika muundo wa kawaida. Mchakato wa usakinishaji na uondoaji (k.m., kifurushi chake) UNAWEZA kutekelezwa na mtu wa tatu mradi tu ni FLOSS.

    The software is installed via commonly-used conventions. The backend is packaged as a container in a standard format (Dockerfile, multi-stage build on ruby:4.0.5-slim) and deployed with Kamal (config/deploy.yml: image, registry, servers) — kamal setup / kamal deploy installs it, kamal remove uninstalls it. For development it installs at the language level via Bundler (bundle install) per the README Quick Start, and uninstalling is removing the directory/containers. The smart contracts deploy on-chain via Foundry scripts.
    https://github.com/Alexey-Lukin/silken_net/blob/main/Dockerfile
    https://github.com/Alexey-Lukin/silken_net#readme



    Mfumo wa usakinishaji kwa watumiaji wa mwisho LAZIMA uheshimu mkataba wa kawaida kwa kuchagua eneo ambapo vitu vilivyojengwa vinaandikwa kwa wakati wa usakinishaji. Kwa mfano, ikiwa inasakinisha faili kwenye mfumo wa POSIX lazima iheshimu kigezo cha mazingira cha DESTDIR. Ikiwa hakuna mfumo wa usakinishaji au hakuna mkataba wa kawaida, chagua "haihusiki" (N/A). [installation_standard_variables]

    N/A — the project has no installation system that writes built artifacts to a
    user-selectable location, so the DESTDIR/PREFIX convention does not apply. The
    end-user software (the D-MRV Rails platform) is delivered as a self-contained
    container image (Docker, deployed by Kamal — config/deploy.yml) or run in place
    from its working directory after a Bundler install; neither has a DESTDIR/PREFIX
    step. There is no make install / PREFIX / DESTDIR target anywhere in the repo.
    The one first-party Python package (tools/ml, "silken-ml") is internal ML tooling
    run in place (PYTHONPATH=src) or via an editable pip install -e inside a conda
    env — an editable install links the source tree rather than writing built
    artifacts to a chosen location — so it is not an end-user installation system
    either. (CMSIS-DSP and mruby ship their own packaging but are vendored
    third-party submodules, not this project's installation system.)



    Mradi LAZIMA utoe njia kwa wasanidi programu wanaoweza kusakinisha haraka matokeo yote ya mradi na mazingira ya msaada yanayohitajika kufanya mabadiliko, ikiwa ni pamoja na majaribio na mazingira ya majaribio. Hii LAZIMA ifanywe kwa kutumia mkataba unaotumika sana. [installation_development_quick]
    Hii INAWEZA kutekelezwa kwa kutumia chombo kilichozalishwa na/au hati za usakinishaji. Utegemezi wa nje kwa kawaida utasakinishwa kwa kuita mfumo na/au meneja wa kifurushi cha lugha, kwa external_dependencies.

    bin/setup (the standard idempotent Rails dev-bootstrap script — runs
    bundle install, bin/rails db:prepare, clears logs, starts the dev server).
    The README "Quick Start" documents the system-package prerequisites, the same
    steps, and how to run the test suite (bundle exec rspec). The repo is polyglot,
    so each domain installs its support + test environment via its standard language
    package manager, all listed in CONTRIBUTING.md: Bundler for Ruby/Rails (tests:
    rspec); npm ci + Foundry for the Solidity contracts (tests: forge test); a
    conda environment file for the Python in-silico/ML tooling
    (tools/*/environment.yml); and make -C firmware/test for the host-based
    firmware tests (no ARM toolchain needed). A Dockerfile is also provided as the
    generated-container path.
    https://github.com/Alexey-Lukin/silken_net/blob/main/bin/setup
    https://github.com/Alexey-Lukin/silken_net/blob/main/CONTRIBUTING.md
    https://github.com/Alexey-Lukin/silken_net#readme


  • Vipengee vilivyotunzwa nje


    Mradi LAZIMA uorodheshe utegemezi wa nje kwa njia inayoweza kuchakatwa na kompyuta. (URL inahitajika) [external_dependencies]
    Kwa kawaida hii inafanywa kwa kutumia mkataba wa meneja wa kifurushi na/au mfumo wa ujenzi. Kumbuka kwamba hii inasaidia kutekeleza installation_development_quick.


    Miradi LAZIMA ifuatilie au kwa muda mrefu iangalie utegemezi wao wa nje (ikiwa ni pamoja na nakala za urahisi) kugundua udhaifu unaojulikana, na kurekebisha udhaifu unaoweza kutumiwa vibaya au kuthibitisha kuwa hauwezi kutumiwa vibaya. [dependency_monitoring]
    Hii inaweza kufanywa kwa kutumia zana ya kichambua chanzo / zana ya kuangalia utegemezi / zana ya uchambuzi wa muundo wa programu kama OWASP's Dependency-Check, Sonatype's Nexus Auditor, Synopsys' Black Duck Software Composition Analysis, na Bundler-audit (kwa Ruby). Baadhi ya waendesha kifurushi wanajumuisha taratibu za kufanya hii. Ni kubaliwa ikiwa udhaifu wa vipengele hauwezi kutumiwa vibaya, lakini uchambuzi huu ni mgumu na wakati mwingine ni rahisi kusasisha au kurekebisha sehemu.

    External dependencies are monitored continuously and on every CI run across
    the polyglot stack:

    • Dependabot (.github/dependabot.yml) — weekly, 5 ecosystems: bundler (gems),
      docker (base-image tag+digest), github-actions, npm (contracts/), terraform.
    • bundler-audit (the OpenSSF-listed Ruby SCA tool) runs in CI on every push
      (.github/workflows/ci.yml) against the ruby-advisory-db; brakeman runs SAST.
    • Slither runs SCA / static analysis on the Solidity contracts
      (.github/workflows/solidity_audit.yml).
    • OpenSSF Scorecard runs weekly + on push (.github/workflows/scorecard.yml) and
      publishes results; its Vulnerabilities check queries osv.dev and its
      Dependency-Update-Tool check confirms Dependabot is active.
      The conda-managed Python research tooling and the pinned git-submodule vendored
      C libraries are not on Dependabot, but they are development/in-silico only and
      sit outside the deployed runtime trust boundary (the production service is the
      Rails app + its gems + the Docker base image, all of which are monitored).
      https://github.com/Alexey-Lukin/silken_net/blob/main/.github/dependabot.yml
      https://github.com/Alexey-Lukin/silken_net/blob/main/.github/workflows/scorecard.yml


    Mradi LAZIMA au:
    1. fanya iwe rahisi kutambua na kusasisha vipengele vinavyotumiwa tena vilivyotunzwa nje; au
    2. tumia vipengele vya kawaida vinavyotolewa na mfumo au lugha ya programu.
    Kisha, ikiwa udhaifu unapatikana katika kipengele kilichotumiwa tena, itakuwa rahisi kusasisha kipengele hicho. [updateable_reused_components]
    Njia ya kawaida ya kutimiza kigezo hiki ni kutumia mifumo ya usimamizi wa kifurushi ya mfumo na lugha ya programu. Programu nyingi za FLOSS zinasambazwa na "maktaba za urahisi" ambazo ni nakala za ndani za maktaba za kawaida (labda zilizoachana). Kwa yenyewe, hiyo ni sawa. Hata hivyo, ikiwa programu *lazima* itumie nakala hizi za ndani (zilizoachanishwa), basi kusasisha maktaba za "kawaida" kama sasisho la usalama litaacha nakala hizi za ziada bado zenye udhaifu. Hii ni suala hasa kwa mifumo ya wingu; ikiwa mtoa huduma ya wingu anasasisha maktaba zao za "kawaida" lakini programu haitazitumia, basi masasisho hayasaidii kweli. Angalia, k.m., "Chromium: Kwa nini bado haiko katika Fedora kama kifurushi sahihi" na Tom Callaway.

    Met (via both routes — standard package managers and easy-to-update pins; no
    forked convenience copies). Every reused component is identified in a
    computer-processable manifest and updated by a standard mechanism:

    • Gems (Gemfile/lock, bundle update), npm for contracts, conda for the Python
      tooling, .NET PackageReference, and JS via Rails importmap (bin/importmap pin).
    • Vendored C/firmware + CAD libraries are git submodules pinned to the CANONICAL
      UPSTREAM repositories (.gitmodules: ARM-software/CMSIS, mruby/mruby,
      LoupVaillant/Monocypher, STMicroelectronics HAL, leap71) — they are not forks,
      so a security fix is applied by bumping the submodule pin to a new upstream tag.
    • Front-end JS is supplied by the Rails framework gems (turbo/stimulus/activestorage)
      plus one version-explicit CDN pin (leaflet@1.9.4), updateable via bin/importmap.
    • OpenSSL and PostgreSQL are standard system components.
      Dependabot automates update PRs for the package-managed ecosystems weekly, so a
      vulnerable reused component is straightforward to update.
      https://github.com/Alexey-Lukin/silken_net/blob/main/.gitmodules
      https://github.com/Alexey-Lukin/silken_net/blob/main/.github/dependabot.yml


    Mradi UNAPASWA kuepuka kutumia vitendakazi na API zilizokubaliwa kuwa hazitumiki tena au zilizopitwa na wakati ambapo mbadala wa FLOSS zinapatikana katika seti ya teknolojia inayotumia ("kifurushi cha teknolojia" yake) na kwa wengi wa watumiaji ambao mradi unasaidia (ili watumiaji wawe na ufikiaji wa haraka wa mbadala). [interfaces_current]

    Met. The project runs a current technology stack (Ruby 4.0.5, Rails 8.1,
    PostgreSQL 17, Solidity 0.8.35 / EVM cancun, .NET 9) — no EOL or obsolete
    frameworks — and actively flags deprecated/obsolete APIs in CI so the FLOSS-current
    alternative is used:


  • Seti ya majaribio otomatiki


    Seti ya majaribio ya kiotomatiki LAZIMA itumike kwenye kila ukaguzi wa kuingia kwenye hifadhi iliyoshirikiwa kwa angalau tawi moja. Seti hii ya majaribio LAZIMA itoe ripoti ya mafanikio au kushindwa kwa majaribio. [automated_integration_testing]
    Mahitaji haya yanaweza kuonekana kama sehemu ndogo ya test_continuous_integration, lakini yanazingatia majaribio tu, bila kuhitaji uunganisho wa kuendelea.

    Met. A GitHub Actions automated test suite runs on every check-in — triggered on
    push to main and on every pull_request (.github/workflows/ci.yml) — and
    produces a pass/fail report via the Actions checks UI and the ci-ok aggregate
    required check. The suite spans the polyglot stack: RSpec for the Rails backend
    (bundle exec rspec), the firmware host-test suite (make -C firmware/test, plus
    an ASan/UBSan lane), Foundry forge test for the Solidity contracts
    (solidity_audit.yml), and language smoke workflows (ml_smoke, in_silico_smoke,
    cad_smoke, coap_smoke).
    https://github.com/Alexey-Lukin/silken_net/blob/main/.github/workflows/ci.yml
    https://github.com/Alexey-Lukin/silken_net/actions



    Mradi LAZIMA uongeze majaribio ya kurudi nyuma kwa seti ya majaribio ya kiotomatiki kwa angalau 50% ya hitilafu zilizorekebisha ndani ya miezi sita iliyopita. [regression_tests_added50]

    Met. The standing practice is to land a bug fix together with a regression test in
    the same commit/PR. An audit of the bug-fix commits over the last six months shows
    a clear majority shipped with a test change in the same commit; the share is higher
    for the shipped product code (Rails backend, firmware, smart contracts) — e.g.
    "Fix OTA packager 8-bit overflow + implement missing CRC16" (firmware host tests),
    "fix: rollback receipt envelope, OTA HMAC trailer, Celo double-pay" (RSpec),
    "fix(queen): FW.51 — telemetry not lost on CoAP-flush failure" (firmware host
    tests), "Fix double-anchoring risk in EthereumAnchorWorker" (RSpec). Regression
    tests live in the automated suites: RSpec (spec/), firmware host tests
    (firmware/test/), and Foundry (contracts/test/). A class of in-silico
    research-script tuning fixes (simulation NaN/SCF convergence) are not
    unit-regression-testable and are outside the shipped-product bug count.
    https://github.com/Alexey-Lukin/silken_net/tree/main/spec
    https://github.com/Alexey-Lukin/silken_net/blob/main/CONTRIBUTING.md#requirements-for-acceptable-contributions



    Mradi LAZIMA uwe na seti ya majaribio ya kiotomatiki ya FLOSS inayotoa angalau 80% ya usakinishaji wa taarifa ikiwa kuna angalau zana moja ya FLOSS inayoweza kupima kigezo hiki katika lugha iliyochaguliwa. [test_statement_coverage80]
    Zana nyingi za FLOSS zinapatikana kupima usakinishaji wa majaribio, ikiwa ni pamoja na gcov/lcov, Blanket.js, Istanbul, JCov, na covr (R). Kumbuka kwamba kutimiza kigezo hiki sio uhakika kwamba seti ya majaribio ni ya kina, badala yake, kushindwa kutimiza kigezo hiki ni kiashiria kizito cha seti ya majaribio mbaya.

    The Ruby/Rails backend — the bulk of the codebase — is measured by SimpleCov
    (FLOSS, with branch coverage enabled), and the full CI suite enforces a hard gate of
    minimum_coverage line: 99, branch: 95 (spec/spec_helper.rb): the build fails below
    99% statement coverage, well above the 80% bar. A per-group tripwire additionally
    floors Services/Workers/Models at ~99% line so no single area can erode while the
    global average holds. The other languages are measured with FLOSS coverage tools too:
    the firmware C host suite via gcov/lcov (make -C firmware/test coverage) and the
    Solidity contracts via forge coverage --report lcov (→ Codecov). The coverage-scope
    policy is documented in docs/04_06 §B.
    https://github.com/Alexey-Lukin/silken_net/blob/main/spec/spec_helper.rb
    https://github.com/Alexey-Lukin/silken_net/blob/main/.github/workflows/ci.yml


  • Upimaji wa utendaji mpya


    Mradi LAZIMA uwe na sera rasmi iliyoandikwa kwamba kadri utendakazi mkubwa mpya unaongezwa, majaribio ya utendakazi mpya LAZIMA yaongezwe kwenye seti ya majaribio ya kiotomatiki. [test_policy_mandated]

    The project has a formal written testing policy in CONTRIBUTING.md
    ("Requirements for acceptable contributions"): "Tests are mandatory for new
    functionality (project policy). When you add or change functionality you MUST add
    or update automated tests; as major new functionality is added, tests for it MUST
    be added to the relevant automated suite (RSpec / Foundry forge / firmware host
    tests). A pull request that adds major new functionality without accompanying
    tests will not be merged." The policy is backed in practice by the project's
    regression-test record (see regression_tests_added50) and the SimpleCov 99%
    line-coverage gate enforced in CI.
    https://github.com/Alexey-Lukin/silken_net/blob/main/CONTRIBUTING.md#requirements-for-acceptable-contributions



    Mradi LAZIMA ujumuishe, katika maelekezo yake yaliyoandikwa kwa mapendekezo ya mabadiliko, sera kwamba majaribio yataongezwa kwa utendakazi mkubwa mpya. [tests_documented_added]
    Hata hivyo, hata sheria isiyo rasmi inakubaliwa mradi majaribio yaongezwe kimakosa.

    The add-tests policy is documented in CONTRIBUTING.md under "Requirements for acceptable contributions".
    https://github.com/Alexey-Lukin/silken_net/blob/main/CONTRIBUTING.md#requirements-for-acceptable-contributions


  • Bendera za maonyo


    Miradi LAZIMA iwe na ukali wa juu zaidi na maonyo katika programu iliyozalishwa na mradi, iwezekanavyo vitendo. [warnings_strict]
    Baadhi ya maonyo hayawezi kuwashwa kwa ufanisi kwenye miradi fulani. Kinachohitajika ni ushahidi kwamba mradi unajitahidi kuwasha bendera za onyo ambapo inaweza, ili makosa yagundulika mapema.

    Met — strict where practical, enforced in CI across every language:

    • Firmware C: compiled with -Wall -Wextra -Wpedantic (-std=c11); cppcheck is a hard
      CI gate (firmware_lint: --enable=warning,performance,portability,style,
      --error-exitcode=1, MISRA C:2012 addon, --check-level=exhaustive), plus an
      ASan/UBSan runtime lane.
    • Ruby: RuboCop (rails-omakase) gates CI and fails on any offense.
    • Python: Ruff's strict rule-set (E/W/F/I/UP/B/C4/SIM/RUF) gates CI, and the test
      suite escalates DeprecationWarning to an error.
    • Solidity: forge fmt --check and Slither static analysis gate CI.
    • Security SAST: Brakeman gates CI.
    • .NET CAD: default .NET analyzers run on the first-party code; strictness is
      relaxed only in the third-party LEAP71 wrapper, where it is not practical.
      https://github.com/Alexey-Lukin/silken_net/blob/main/firmware/test/Makefile
      https://github.com/Alexey-Lukin/silken_net/blob/main/.github/workflows/ci.yml

 Usalama 13/13

  • Maarifa ya maendeleo yenye usalama


    Mradi LAZIMA utekeleze kanuni za muundo salama (kutoka "know_secure_design"), pale inapohusika. Ikiwa mradi hauzalishi programu, chagua "haihusiki" (N/A). [implement_secure_design]
    Kwa mfano, matokeo ya mradi yanapaswa kuwa na mipangilio salama ya kuzuia makosa (maamuzi ya ufikiaji yanapaswa kukataa kwa chaguo-msingi, na usakinishaji wa mradi unapaswa kuwa salama kwa chaguo-msingi). Pia yanapaswa kuwa na kikuu cha kati kikamilifu (kila ufikiaji ambao unaweza kuwekwa kikomo lazima ufanyiwe ukaguzi wa mamlaka na usiweze kuvukwa). Kumbuka kwamba katika hali fulani kanuni zitagombana, na katika hali hiyo chaguo lazima lifanywe (k.m., taratibu nyingi zinaweza kufanya mambo kuwa magumu zaidi, kukiuka "uchumi wa utaratibu" / iweke rahisi).

    Met. Secure design principles are implemented across the stack:

    • Fail-safe / deny-by-default: minting refuses unless every condition holds —
      BlockchainMintingService raises "Security Breach" unless the telemetry is
      verified_by_iotex?, oracle_status_fulfilled?, and KYC-approved; in production
      WEB3_STRICT_MODE=true turns missing security config (e.g. CHAINLINK_HMAC_SECRET)
      into a hard raise instead of a silent fallback.
    • Secure by default (deployment): production enforces config.force_ssl + HSTS
      (preload, 1-year, subdomains), a Content-Security-Policy with a per-request
      nonce, X-Frame-Options: DENY, X-Content-Type-Options: nosniff, a Permissions-
      Policy, and session cookies set httponly + same_site:lax + secure.
    • Complete mediation: per-resource Pundit policies (app/policies/*) plus role gates
      in the API base controller (authorize_admin!/super_admin!/forester!); thin
      controllers and AASM state machines make state changes non-bypassable.
    • Least privilege / separation of privilege: on-chain roles are split and gated by
      onlyRole(...), admin actions are routed through a Timelock, and mint()/slash()
      run on physically separate keys (MINTER_ROLE vs SLASHER_ROLE).
    • Defense in depth: a manual_review double-spend guard freezes funds when a
      transaction state is unknown; anomaly/tamper telemetry is zeroed for minting in
      BOTH firmware and backend; no weak crypto is used (no MD5/SHA-1/DES/RC4) —
      Argon2id passwords, an HKDF/HMAC key ratchet (NIST SP 800-108), AES + Ed25519.
    • Economy of mechanism: an explicit YAGNI "lazy-senior" ladder + Ruthless Pruning
      keep mechanisms minimal (CLAUDE.md §4), with input validation at trust boundaries.

    https://github.com/Alexey-Lukin/silken_net/blob/main/docs/03_05_Hardware_Symmetric_Crypto_and_Security.md
    https://github.com/Alexey-Lukin/silken_net/blob/main/config/environments/production.rb


  • Tumia mazoea mazuri ya msingi ya usimbuaji

    Kumbuka kwamba programu fulani haihitaji kutumia taratibu za usimbuaji. Ikiwa mradi wako unazalisha programu ambayo (1) inajumuisha, inaamilisha, au inafanya usimbuaji kuwa hai, na (2) inaweza kutolewa kutoka Marekani (US) kwenda nje ya Marekani au kwa raia asiye wa Marekani, inaweza kuwa ni lazima kisheria kuchukua hatua chache za ziada. Kawaida hii inahusisha tu kutuma barua pepe. Kwa maelezo zaidi, tazama sehemu ya usimbuaji ya Kuelewa Teknolojia ya Chanzo Wazi & Udhibiti wa Usafirishaji wa Marekani.

    Mifumo ya usalama ya chaguo-msingi ndani ya programu inayozalishwa na mradi LAZIMA ISITEGEMEE algoriti za kriptologia au hali zenye udhaifu mkubwa unaojulikana (k.m., algoriti ya hash ya kriptologia ya SHA-1 au hali ya CBC katika SSH). [crypto_weaknesses]
    Wasiwasi kuhusu hali ya CBC katika SSH unajadiliwa katika CERT: SSH CBC vulnerability.

    Verified across the whole stack — no algorithms with serious known weaknesses are used. Hashes: SHA-256 / HMAC-SHA256 (keccak256 in contracts); no SHA-1 or MD5 anywhere. Password hashing: Argon2id. Signatures: Ed25519. RNG: SecureRandom (backend) + hardware TRNG (firmware). The CoAP backhaul is AES-256-CBC with a fresh random IV per message (semantic security; not the SSH-CBC weakness); the LoRa target is authenticated AES-128-CCM. The only weak mode is the transitional LoRa AES-128-ECB, whose risk and mitigations are documented in docs/03_05 and which is migrating to AES-128-CCM (FW.2).
    https://github.com/Alexey-Lukin/silken_net/blob/main/docs/03_05_Hardware_Symmetric_Crypto_and_Security.md



    Mradi INAPASWA kusaidia algoriti nyingi za kriptologia, ili watumiaji waweze kubadilisha haraka ikiwa moja imevunjwa. Algoriti za kawaida za funguo za simetria ni pamoja na AES, Twofish, na Serpent. Mbadala wa algoriti za hash za kriptologia za kawaida ni pamoja na SHA-2 (ikiwa ni pamoja na SHA-224, SHA-256, SHA-384 NA SHA-512) na SHA-3. [crypto_algorithm_agility]

    Met (SHOULD). The project uses multiple cryptographic algorithm families and is
    built to switch primitives rather than hard-wiring one:

    • Hashes: both SHA-2 (SHA-256 — backend integrity, HMAC-SHA256, HKDF, audit-log
      hash chain, firmware) and SHA-3 (keccak256 — Solidity roles/parameter keys and
      Eth::Util.keccak256 on the backend) are in active use.
    • Signatures: two schemes — Ed25519 (SE050 device attestation, peaq DID, M2M auth)
      and secp256k1/ECDSA (EVM chains, IoTeX verification).
    • Symmetric: AES in four selectable modes (ECB, CCM, CBC, GCM). The backend names
      the cipher as an OpenSSL string (OpenSSL::Cipher.new("aes-256-cbc")), so switching
      to any OpenSSL-supported cipher is a one-line change, and the live
      ECB->authenticated-CCM migration is runtime-selectable via the
      TELEMETRY_CCM_ENABLED / FW2_CCM_ENABLED flags — a working demonstration of
      switching a primitive when one is found weak. A documented PQC migration roadmap
      (docs/03_05 §10) plans the post-quantum transition.
      The symmetric cipher is AES (not Twofish/Serpent) because the STM32 nodes are bound
      to the hardware AES engine; agility there is at the mode level plus the documented
      migration roadmap.
      https://github.com/Alexey-Lukin/silken_net/blob/main/docs/03_05_Hardware_Symmetric_Crypto_and_Security.md


    Mradi LAZIMA usaidie kuhifadhi vitambulisho vya uthibitishaji (kama vile nywila na ishara za nguvu) na funguo za kibinafsi za kriptologia katika mafaili ambayo yametengwa na habari nyingine (kama vile mafaili ya usanidi, hifadhidata, na kumbukumbu), na kuruhusu watumiaji kusasisha na kubadilisha bila ukusanyaji upya wa msimbo. Ikiwa mradi haufanyi usindikaji wa vitambulisho vya uthibitishaji na funguo za kibinafsi za kriptologia, chagua "haihusiki" (N/A). [crypto_credential_agility]

    Met. Credentials and private keys are stored in dedicated files/stores — separate
    from code, in-repo config, the database, and logs — and are replaceable at runtime
    without recompiling (Ruby is interpreted; secrets are read at boot):

    • App secrets (DB password, API/RPC keys, the Chainlink HMAC secret, etc.) live in
      Rails' encrypted credentials (config/credentials.yml.enc) decrypted by a separate
      config/master.key, and/or in environment variables (config/database.yml and code
      read them via ENV.fetch / Rails.application.credentials). master.key and .env* are
      git-ignored; at deploy RAILS_MASTER_KEY and other secrets are injected via Kamal
      secrets (.kamal/secrets) from the environment / a secrets manager, never committed.
    • User passwords are stored only as Argon2id hashes (HasArgon2Password concern,
      OWASP-recommended), never in plaintext.
    • Private cryptographic keys are rotatable without code changes: a key ratchet
      (Cryptography::KeyRatchet), an OTA HMAC-key service, and an over-the-air
      key-rotation worker replace device keys at runtime; the SE050 secure element holds
      non-extractable keys.
    • Secrets are kept out of logs by an explicit filter_parameters allowlist
      (passwords, tokens, *_key, private_key, mnemonic, wallet_private_key, signature…).
      https://github.com/Alexey-Lukin/silken_net/blob/main/.kamal/secrets
      https://github.com/Alexey-Lukin/silken_net/blob/main/config/initializers/filter_parameter_logging.rb


    Programu iliyozalishwa na mradi INAPASWA kusaidia itifaki salama kwa mawasiliano yake yote ya mtandao, kama vile SSHv2 au zaidi, TLS1.2 au zaidi (HTTPS), IPsec, SFTP, na SNMPv3. Itifaki zisizo salama kama vile FTP, HTTP, telnet, SSLv3 au mapema zaidi, na SSHv1 ZINAPASWA kuzimwa kwa chaguo-msingi, na kuzimwa tu ikiwa mtumiaji anaisanidi mahususi. Ikiwa programu iliyozalishwa na mradi haiesaidii mawasiliano ya mtandao, chagua "haihusiki" (N/A). [crypto_used_network]

    Met (SHOULD). All IP/web network communications use TLS by default and no insecure
    protocol is enabled:

    • The web app and API enforce HTTPS in production (config.force_ssl = true) with
      HSTS (1 year, includeSubdomains, preload) and assume_ssl behind the TLS-terminating
      Kamal proxy (Let's Encrypt, TLS 1.2/1.3). HTTP is redirected to HTTPS.
    • All outbound calls use HTTPS — chain RPC (Alchemy/Infura), Chainlink Functions,
      IoTeX and peaq endpoints — with default certificate verification (no VERIFY_NONE).
    • A scan of the code finds no FTP, telnet, SSLv3/earlier, SSHv1, or plain-HTTP
      endpoints.
      For the constrained IoT radio link (Soldier->Queen LoRa, Queen->Rails CoAP) TLS/DTLS
      is not feasible on a tens-of-bytes LoRa frame, so confidentiality and integrity are
      provided at the application layer with AES: AES-128-CCM (authenticated; the
      LoRaWAN/Zigbee/Thread/BLE golden standard for constrained IoT) on the LoRa link and
      AES-256-CBC with a per-message random IV on the CoAP backhaul. This design — and why
      heavier schemes such as Kyber do not fit the radio MTU — is documented in docs/03_05.
      The transitional AES-128-ECB LoRa mode is documented and is migrating to AES-128-CCM.
      https://github.com/Alexey-Lukin/silken_net/blob/main/config/environments/production.rb
      https://github.com/Alexey-Lukin/silken_net/blob/main/docs/03_05_Hardware_Symmetric_Crypto_and_Security.md


    Programu iliyozalishwa na mradi INAPASWA, ikiwa inasaidia au inatumia TLS, kusaidia angalau toleo la TLS 1.2. Kumbuka kuwa kilichotangulia TLS kiliitwa SSL. Ikiwa programu haitumii TLS, chagua "haihusiki" (N/A). [crypto_tls12]

    Met (SHOULD). The project uses TLS and supports TLS 1.2+ everywhere; nothing is
    configured to allow TLS 1.1 or earlier:

    • Inbound HTTPS is terminated by the Kamal proxy with automatic Let's Encrypt
      certificates (config/deploy.yml, proxy ssl: true); the proxy (Go crypto/tls)
      negotiates TLS 1.2/1.3 and does not offer TLS 1.0/1.1. The Rails app enforces it
      with config.force_ssl = true and HSTS (1 year, includeSubdomains, preload) in
      production.rb, so HTTP is redirected to HTTPS.
    • Outbound HTTPS (chain RPC, Chainlink, IoTeX, peaq) is made by Ruby 4.0.5 on
      OpenSSL 3.6.2, which negotiates TLS 1.2/1.3 by default and has TLS 1.0/1.1
      disabled; no client sets a lower ssl_version/min_version.
      No SSLv2/SSLv3 or TLS 1.1-or-earlier is configured or supported anywhere in the stack.
      https://github.com/Alexey-Lukin/silken_net/blob/main/config/environments/production.rb
      https://github.com/Alexey-Lukin/silken_net/blob/main/config/deploy.yml


    Programu iliyozalishwa na mradi LAZIMA, ikiwa inasaidia TLS, ifanye uthibitishaji wa cheti cha TLS kwa chaguo-msingi inapotumia TLS, ikiwa ni pamoja na rasilimali ndogo. Ikiwa programu haitumii TLS, chagua "haihusiki" (N/A). [crypto_certificate_verification]

    Met. TLS certificate verification is left at the secure default everywhere and is
    never disabled. A scan of the entire repository (app, lib, config, scripts, firmware,
    tools, contracts) finds no VERIFY_NONE, verify: false, ssl_verify false,
    verify_peer: false, "insecure", curl -k, or --no-check-certificate — nothing
    overrides certificate verification.

    • Outbound HTTPS uses standard clients at their defaults: the eth gem (Eth::Client,
      over Net::HTTP) for chain RPC and HTTPX for other services, both of which verify the
      server certificate by default (OpenSSL VERIFY_PEER) for https URLs. No custom
      SSLContext or verify_mode is set anywhere.
    • Subresources in the web UI (importmap JS, Leaflet) are loaded over HTTPS and a
      Content-Security-Policy restricts their origins, so the browser performs normal
      certificate verification on them as well.
      https://github.com/Alexey-Lukin/silken_net/blob/main/config/initializers/content_security_policy.rb


    Programu iliyozalishwa na mradi LAZIMA, ikiwa inasaidia TLS, ifanye uthibitishaji wa cheti kabla ya kutuma vichwa vya HTTP na habari ya kibinafsi (kama vile vidakuzi salama). Ikiwa programu haitumii TLS, chagua "haihusiki" (N/A). [crypto_verification_private]

    Met. Private information is only sent over a connection whose certificate has been
    verified:

    • Server side: session cookies are flagged secure in production
      (config/initializers/session_store.rb: secure: Rails.env.production?, plus httponly
      and same_site: :lax), and config.force_ssl = true with HSTS (1 year,
      includeSubdomains, preload) guarantees the browser transmits the cookie only over
      HTTPS after verifying the server certificate, and never over plain HTTP (HSTS
      preload blocks downgrade).
    • Client side: outbound requests carrying private headers (e.g. Authorization: Bearer
      API keys to dClimate/Filecoin, the Chainlink HMAC signature, M2M tokens) are sent
      over HTTPS via Net::HTTP/HTTPX with default certificate verification (OpenSSL
      VERIFY_PEER), which is never disabled anywhere in the codebase — the TLS handshake,
      including certificate validation, completes before the request headers are sent.
      https://github.com/Alexey-Lukin/silken_net/blob/main/config/initializers/session_store.rb
      https://github.com/Alexey-Lukin/silken_net/blob/main/config/environments/production.rb

  • Kutolewa kwa usalama


    Mradi LAZIMA uweke saini kwa kriptologia matoleo ya matokeo ya mradi yanayokusudiwa kwa matumizi ya kila mahali, na LAZIMA kuwe na mchakato ulioandikwa unaoweleza watumiaji jinsi wanaweza kupata funguo za umma za saini na kuthibitisha saini. Funguo ya kibinafsi kwa saini hizi LAZIMA ISIWE kwenye tovuti zinazosambaza moja kwa moja programu kwa umma. Ikiwa matoleo hayakusudiwa kwa matumizi ya kila mahali, chagua "haihusiki" (N/A). [signed_releases]
    Matokeo ya mradi ni pamoja na msimbo wa chanzo na matokeo yoyote yaliyozalishwa pale inapohusika (k.m., mifumo inayotekelezeka, vifurushi, na vyombo). Matokeo yaliyozalishwa YANAWEZA kuwekwa saini tofauti na msimbo wa chanzo. Hizi ZINAWEZA kutekelezwa kama lebo za git zilizowekwa saini (kwa kutumia saini za kidijitali za kriptologia). Miradi YAWEZA kutoa matokeo yaliyozalishwa tofauti na zana kama vile git, lakini katika hali hizo, matokeo tofauti LAZIMA yawekwe saini tofauti.

    Met. The project's public generated deliverable — the production container image
    mirrored to GHCR (ghcr.io/alexey-lukin/silken_net) for widespread use (e.g. Akash
    providers) — is cryptographically signed with a Sigstore-keyless SLSA
    build-provenance attestation produced by actions/attest-build-provenance in
    .github/workflows/mirror-ghcr.yml (GitHub Actions OIDC → Fulcio, logged in the
    public Rekor transparency log) and pushed to the registry alongside the image. The
    signing key is ephemeral (Fulcio-issued per build, never stored) — it is not on the
    distribution site. The documented user verification process is in SECURITY.md
    ("Verifying release artifacts"): gh attestation verify
    oci://ghcr.io/alexey-lukin/silken_net:<tag> --owner Alexey-Lukin. Source-tree
    commit/tag signing is tracked separately (OPS.10).
    https://github.com/Alexey-Lukin/silken_net/blob/main/.github/workflows/mirror-ghcr.yml
    https://github.com/Alexey-Lukin/silken_net/blob/main/SECURITY.md



    INAPENDEKEZWA kuwa katika mfumo wa udhibiti wa toleo, kila lebo muhimu ya toleo (lebo ambayo ni sehemu ya toleo kuu, toleo dogo, au kurekebishwa udhaifu uliotangazwa hadharani) iwekwe saini kwa kriptologia na iweze kuthibitishwa kama ilivyoelezwa katika signed_releases. [version_tags_signed]

    Met. The project's public generated deliverable — the production container image
    mirrored to GHCR (ghcr.io/alexey-lukin/silken_net) for widespread use (e.g. Akash
    providers) — is cryptographically signed with a Sigstore-keyless SLSA
    build-provenance attestation produced by actions/attest-build-provenance in
    .github/workflows/mirror-ghcr.yml (GitHub Actions OIDC → Fulcio, logged in the
    public Rekor transparency log) and pushed to the registry alongside the image. The
    signing key is ephemeral (Fulcio-issued per build, never stored) — it is not on the
    distribution site. The documented user verification process is in SECURITY.md
    ("Verifying release artifacts"): gh attestation verify
    oci://ghcr.io/alexey-lukin/silken_net:<tag> --owner Alexey-Lukin. Source-tree
    commit/tag signing is tracked separately (OPS.10).
    https://github.com/Alexey-Lukin/silken_net/blob/main/.github/workflows/mirror-ghcr.yml
    https://github.com/Alexey-Lukin/silken_net/blob/main/SECURITY.md


  • Masuala mengine ya usalama


    Matokeo ya mradi LAZIMA yafanye ukaguzi wa pembejeo zote kutoka vyanzo visivyoaminika ili kuhakikisha ni halali (*orodha zinazokubalika*), na kukataa pembejeo zisizo halali, ikiwa kuna vizuizi vyovyote kwenye data kabisa. [input_validation]
    Kumbuka kuwa kulinganisha ingizo dhidi ya orodha ya "miundo mibaya" (aka *orodha za kukataza*) kwa kawaida haitoshi, kwa sababu washambuliaji mara nyingi wanaweza kuepuka orodha ya kukataza. Hasa, nambari zinabadilishwa kuwa miundo ya ndani na kisha kuangaliwa ikiwa ziko kati ya chini na juu zao (ikiwa ni pamoja), na vifungu vya maandishi vinaangaliwa ili kuhakikisha kuwa ni ruwaza halali za maandishi (k.m., UTF-8 halali, urefu, sintaksia, n.k.). Baadhi ya data inaweza kuhitaji kuwa "chochote kabisa" (k.m., kipakia faili), lakini hizi kwa kawaida zingekuwa nadra.

    Met — input is validated with an allowlist approach at every untrusted boundary:

    • HTTP/API: Rails strong parameters (params.require(...).permit(...)) accept only an
      explicit allowlist of attributes; everything else is dropped. Models add
      allowlist-style validations enforced before persistence — numbers are range-checked
      (actuator_command duration numericality: { greater_than: 0, less_than_or_equal_to:
      3600 }, ai_insight scores { in: 0.0..100.0 } / { in: 0.0..1.0 }), values are
      constrained to allowlists (inclusion: { in: %w[evm solana celo] }, inclusion: { in:
      HARDWARE_TYPES }), and strings are checked for syntax/length (format: { with: ... }
      for hex addresses/bytecode, length: { maximum: ... }). Invalid records are rejected.
    • Untrusted IoT telemetry (binary LoRa/CoAP): TelemetryUnpackerService validates the
      decoded packet (valid_sensor_data?) before processing and rejects malformed or
      out-of-range frames; it also enforces a SEC.10 panic-replay counter and CCM
      key-size checks.
    • On-chain (Solidity): every external function guards its inputs with require(...) —
      non-zero addresses, array-length equality, batch-size bounds (<= MAX_BATCH_SIZE),
      positive amounts — reverting on invalid input.
    • Oracle callbacks (Chainlink) are authenticated by HMAC before their payload is
      accepted.

    https://github.com/Alexey-Lukin/silken_net/blob/main/app/models/blockchain_transaction.rb
    https://github.com/Alexey-Lukin/silken_net/blob/main/app/services/telemetry_unpacker_service.rb



    Taratibu za kuimarisha ZINAPASWA kutumiwa katika programu iliyozalishwa na mradi ili kasoro za programu ziwe na uwezekano mdogo wa kusababisha udhaifu wa usalama. [hardening]
    Taratibu za kuimarisha zinaweza kujumuisha vichwa vya HTTP kama Sera ya Usalama wa Maudhui (CSP), bendera za mkusanyaji ili kupunguza mashambulizi (kama vile -fstack-protector), au bendera za mkusanyaji ili kuondoa tabia isiyofafanuliwa. Kwa madhumuni yetu upendeleo mdogo hauhesabiwi kuwa utaratibu wa kuimarisha (upendeleo mdogo ni muhimu, lakini tofauti).

    Met (SHOULD). Hardening mechanisms are applied on both the web and firmware sides.

    Web (Rails — the network-facing attack surface):

    • A strict Content-Security-Policy (config/initializers/content_security_policy.rb):
      default_src/base_uri/form_action 'self', frame_ancestors 'none', frame_src 'none',
      object_src 'none', and a per-request nonce for inline scripts (no 'unsafe-inline'
      on script-src).
    • A full security-header set (config/initializers/security_headers.rb): X-Frame-Options
      DENY, X-Content-Type-Options nosniff, Referrer-Policy strict-origin-when-cross-origin,
      Cross-Origin-Opener-Policy / Cross-Origin-Resource-Policy same-origin, a restrictive
      Permissions-Policy, and X-XSS-Protection 0 (disables the legacy exploitable filter).
    • HSTS with preload (1 year, includeSubdomains) + config.force_ssl; session cookies are
      httponly + secure + same_site:lax.

    Firmware C (a memory-unsafe language → compiler hardening):

    • The entire host test suite is compiled and executed under AddressSanitizer +
      UndefinedBehaviorSanitizer (-fsanitize=address,undefined -fno-sanitize-recover=all) on
      every CI run, so undefined behavior, buffer overflows and use-after-free abort the build
      before release — the criterion's "compiler flags to eliminate undefined behavior"
      example. The host build also honors -fstack-protector-strong / -D_FORTIFY_SOURCE / RELRO.

    https://github.com/Alexey-Lukin/silken_net/blob/main/config/initializers/content_security_policy.rb
    https://github.com/Alexey-Lukin/silken_net/blob/main/firmware/test/Makefile



    Mradi LAZIMA utoe kesi ya uhakika inayosababisha kwa nini mahitaji yake ya usalama yanakidhi. Kesi ya uhakika LAZIMA ijumuishe: maelezo ya muundo wa tishio, utambulisho wazi wa mipaka ya kuaminiwa, hoja kwamba kanuni za muundo salama zimetumika, na hoja kwamba udhaifu wa kawaida wa utekelezaji wa usalama umekabiliana nao. (URL inahitajika) [assurance_case]
    Kesi ya uhakika ni "mwili wa ushahidi ulioandikwa unaotoa hoja inayoshawishi na halali kwamba seti maalum ya madai muhimu kuhusu mali za mfumo ziko na sababu za kutosha kwa programu maalum katika mazingira maalum" ("Uhakika wa Programu Kwa kutumia Miundo ya Kesi ya Uhakika Iliyopangwa", Thomas Rhodes et al, NIST Interagency Report 7608). Mipaka ya kuaminiwa ni mipaka ambapo data au utekelezaji hubadilisha kiwango chake cha kuaminiwa, k.m., mipaka ya seva katika programu ya kawaida ya wavuti. Ni ya kawaida kuorodhesha kanuni za muundo salama (kama vile Saltzer na Schroeer) na udhaifu wa kawaida wa utekelezaji wa usalama (kama vile OWASP top 10 au CWE/SANS top 25), na kuonyesha jinsi kila moja unavyokabiliana. Kesi ya uhakika ya BadgeApp inaweza kuwa mfano wenye manufaa. Hii inahusiana na documentation_security, documentation_architecture, na implement_secure_design.

    Met. The project provides a structured security assurance case at
    docs/SECURITY_ASSURANCE_CASE.md. It states the top-level security claims; a threat
    model (assets, threat actors, and attack surfaces across the Soldier->Queen->Rails->chain
    pipeline); an explicit identification of every trust boundary and the guard that
    enforces it; an argument that Saltzer-Schroeder secure-design principles are applied,
    with code anchors; and an OWASP Top 10 (2021) table showing how each common
    implementation weakness is countered - followed by an honest residual-risk and
    assumptions section. Each claim is backed by the test / SAST / SCA evidence listed in
    the document.
    https://github.com/Alexey-Lukin/silken_net/blob/main/docs/SECURITY_ASSURANCE_CASE.md


 Uchanganuzi 2/2

  • Uchambuzi tuli wa msimbo


    Mradi LAZIMA utumie angalau zana moja ya uchanganuzi tuli yenye sheria au mbinu za kutafuta udhaifu wa kawaida katika lugha au mazingira yaliyochanganuliwa, ikiwa kuna angalau zana moja ya FLOSS inayoweza kutekeleza kigezo hiki katika lugha iliyochaguliwa. [static_analysis_common_vulnerabilities]
    Zana za uchambuzi tuli ambazo zimeundwa hasa kutafuta udhaifu wa kawaida zina uwezekano mkubwa wa kuzipata. Hata hivyo, kutumia zana zozote za tuli kwa kawaida itasaidia kupata baadhi ya matatizo, kwa hivyo tunashauri lakini hatunahitaji hii kwa kiwango cha nishani ya 'kupita'.

    The static analyzers used are specifically designed to find common vulnerabilities: Brakeman targets Rails vulnerability classes (SQL injection, XSS, mass assignment, CSRF), CodeQL runs security queries mapped to CWE, Slither has detectors for common Solidity vulnerabilities (reentrancy, access control, arithmetic), and cppcheck flags memory/defect issues in C. CodeQL runs security queries mapped to CWE (GitHub default setup, across all six
    languages — Ruby, C/C++, C#, JS/TS, Python, Actions).
    https://github.com/Alexey-Lukin/silken_net/blob/main/.github/workflows/solidity_audit.yml


  • Uchambuzi wa msimbo wa nguvu za ziada


    Ikiwa programu iliyozalishwa na mradi inajumuisha programu iliyoandikwa kwa kutumia lugha isiyosalama ya kumbukumbu (k.m., C au C++), basi angalau zana moja ya nguvu (k.m., fuzzer au kitafutaji cha programu ya wavuti) LAZIMA itumike kwa kawaida kwa pamoja na utaratibu wa kugundua matatizo ya usalama wa kumbukumbu kama vile uandikaji zaidi wa kipengele. Ikiwa mradi hauzalishi programu iliyoandikwa katika lugha isiyosalama ya kumbukumbu, chagua "haihusiki" (N/A). [dynamic_analysis_unsafe]
    Mifano ya taratibu za kugundua matatizo ya usalama wa kumbukumbu ni pamoja na Address Sanitizer (ASAN) (inapatikana katika GCC na LLVM), Memory Sanitizer, na valgrind. Zana nyingine zinazoweza kutumika ni pamoja na thread sanitizer na undefined behavior sanitizer. Madai ya kila mahali pia yaweza kufanya kazi.

    The project ships memory-unsafe C firmware (STM32 Soldier/Queen + the One-Home libraries in firmware/common/), so N/A does not apply. Every host-based unit test (firmware/test/, ~22 binaries covering the untrusted-input parsers — AT-command/CoAP PDU tokenizer, circular-DMA UART RX ring, flash KV/ring/OTA journals with power-cut fault injection — plus the crypto, DSP and TinyML paths) is compiled and executed under AddressSanitizer + UndefinedBehaviorSanitizer on every CI run, via make -C firmware/test asan in the firmware_test job of .github/workflows/ci.yml (gating through the ci-ok aggregate required check). Flags: -fsanitize=address,undefined -fno-sanitize-recover=all -fno-omit-frame-pointer -g -O1. AddressSanitizer detects heap/stack/global buffer overflows (the explicit "buffer overwrite" concern), use-after-free/return and double-free; UndefinedBehaviorSanitizer detects signed-integer overflow, out-of-bounds shifts, misaligned/null pointer dereferences and invalid enum/bool loads; halt_on_error=1 makes the first finding fail the build. LeakSanitizer is intentionally disabled (detect_leaks=0) because the only allocations outliving main() are OpenSSL's one-time global init in two tests, which the short-lived test processes deliberately do not tear down — a "still reachable" false positive, not a memory-safety defect. This dynamic lane complements the existing static analysis (cppcheck firmware_lint, CodeQL c-cpp, and -Wall -Wextra -Wpedantic).
    https://github.com/Alexey-Lukin/silken_net/blob/main/firmware/test/Makefile



Data hii inapatikana chini ya Community Data License Agreement – Permissive, Version 2.0 (CDLA-Permissive-2.0). Hii inamaanisha kuwa Mpokeaji wa Data anaweza kushiriki Data, na au bila marekebisho, mradi Mpokeaji wa Data anapatanisha maandishi ya mkataba huu na Data iliyoshirikiwa. Tafadhali tambua Alexey Lukin na wachangiaji wa nishani ya Mazoea Bora ya OpenSSF.

Ingizo la nishani ya mradi linamilikiwa na: Alexey Lukin.
Ingizo liliundwa siku 2026-06-24 13:17:00 UTC, iliyosasishwa mara ya mwisho siku 2026-06-25 13:55:07 UTC. Ilipata mara ya mwisho nishani ya kupita siku 2026-06-24 17:34:54 UTC.