6603100c7e
This runs whenever the script is modified, or weekly to ensure the CI doesn't inadvertently decay (due to using the latest packages for a variety of shells). This runs with `sh` (presumably `dash`), `ksh`, `bash`, `dash` (explicitly), `zsh`, `ash` (Busybox), `hush` (Busybox), `mksh`, `yash`, and `brush`. While none of these guarantee this script is POSIX-compliant, as a fully and explicitly-only POSIX-compliant environment is not constructed, this does reasonably test the script itself to be POSIX-compliant. The tools called have been reviewed for being used to the POSIX standard (although not audited to that degree). The script itself is modified with the following changes for compliance with POSIX: 1) `hexdump` is replaced with `od` (`od` suggested by @PlasmaPower) 2) `printf \xFF` replaced with octal escapes, as `\x` is not part of POSIX 3) `head -c` is replaced with `cut`, as the `-c` option is not standardized under POSIX (despite it being present for `tail`). This was identified by @PlasmaPower. As we used `head -c-2` to truncate the last two characters of a string, we now use `wc -c` for a `strlen` to enable the necessary arithmetic to calculate what two bytes in from the end of the string is. This entire effort can be argued pointless, as we could simply run `monerod` on Debian. This script is useful, the journey down the rabbithole of POSIX compliance fascinating, and the methodology applicable to other potential futures though (whether running binaries on Alpine or testing other `sh` scripts for their portability). As part of this effort overall, our CI was extended with `shellcheck` for all `sh` scripts in-tree, including all of our existing `sh` scripts. That there is an actual, direct benefit past this specific effort.
Serai
Serai is a new DEX, built from the ground up, initially planning on listing Bitcoin, Ethereum, DAI, and Monero, offering a liquidity-pool-based trading experience. Funds are stored in an economically secured threshold-multisig wallet.
Layout
-
audits: Audits for various parts of Serai. -
spec: The specification of the Serai protocol, both internally and as networked. -
docs: User-facing documentation on the Serai protocol. -
common: Crates containing utilities common to a variety of areas under Serai, none neatly fitting under another category. -
crypto: A series of composable cryptographic libraries built around theff/groupAPIs, achieving a variety of tasks. These range from generic infrastructure, to our IETF-compliant FROST implementation, to a DLEq proof as needed for Bitcoin-Monero atomic swaps. -
networks: Various libraries intended for usage in Serai yet also by the wider community. This means they will always support the functionality Serai needs, yet won't disadvantage other use cases when possible. -
message-queue: An ordered message server so services can talk to each other, even when the other is offline. -
processor: A generic chain processor to process data for Serai and process events from Serai, executing transactions as expected and needed. -
coordinator: A service to manage processors and communicate over a P2P network with other validators. -
substrate: Substrate crates used to instantiate the Serai network. -
orchestration: Dockerfiles and scripts to deploy a Serai node/test environment. -
tests: Tests for various crates. Generally,crate/src/testsis used, orcrate/tests, yet any tests requiring crates' binaries are placed here.
Security
Serai hosts a bug bounty program via Immunefi. For in-scope critical vulnerabilities, we will reward whitehats with up to $30,000.
Anything not in-scope should still be submitted through Immunefi, with rewards issued at the discretion of the Immunefi program managers.