Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Validator manager audit #640

Merged
merged 5 commits into from
Nov 20, 2024
Merged

Add Validator manager audit #640

merged 5 commits into from
Nov 20, 2024

Conversation

geoff-vball
Copy link
Contributor

Why this should be merged

Adds Validator Manager audit.

Moves ICTT audit into root audit folder.

How this works

How this was tested

How is this documented

@geoff-vball geoff-vball requested a review from a team as a code owner November 7, 2024 21:57
iansuvak
iansuvak reviewed Nov 7, 2024
View reviewed changes
contracts/ictt/audits/README.md
@@ -1,8 +0,0 @@
# Audits
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we no longer want to have a README that points to the audits (updated of course)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it would probably be a good idea... I'm just trying to think of the best way to do it. Should we only include line items for the most recent audit for any given contract? For instance, it doesn't feel helpful to list the Least Authority teleporter audit from July 2023, since this is not we want anyone to deploy. But even the most recent audit for teleporter isn't done on the exact commit that we tagged v1.0.0. I'm having trouble figuring out the best way to communicate best practices here 😅

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would be nice to keep a historical accounting of all the audits. Perhaps it can be broken down into two sections: Latest audit, and historical audits with text to make it clear that the old contracts should not be deployed.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would keep all audit reports in the repository, pointing readers to the relevant, most up-to-date audits. Advise that old audits may now be obsolete, and legacy code superseded by new versions are not recommended for production deployments.

iansuvak
iansuvak approved these changes Nov 20, 2024
View reviewed changes
Copy link
Contributor

@iansuvak iansuvak left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Confirmed that rendered markdown links correctly to the audits!

@geoff-vball geoff-vball merged commit 46f6840 into main Nov 20, 2024
17 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@richardpringle richardpringle richardpringle approved these changes

@iansuvak iansuvak iansuvak approved these changes

@bernard-avalabs bernard-avalabs Awaiting requested review from bernard-avalabs bernard-avalabs is a code owner automatically assigned from ava-labs/interop

@michaelkaplan13 michaelkaplan13 Awaiting requested review from michaelkaplan13 michaelkaplan13 is a code owner automatically assigned from ava-labs/interop

@cam-schultz cam-schultz Awaiting requested review from cam-schultz cam-schultz is a code owner automatically assigned from ava-labs/interop

@meaghanfitzgerald meaghanfitzgerald Awaiting requested review from meaghanfitzgerald

Assignees
No one assigned
Labels
None yet
Projects
Platform Engineering Group
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@geoff-vball @iansuvak @richardpringle @bernard-avalabs @meaghanfitzgerald