- `main` / release tags: production full node
- Feature branches (e.g. `hip-23-draft`): draft standards — run tests before integration

Before shipping wallet, gateway, or indexer support for HIP-23 patterns:

```bash
cargo test hip23_ -- --nocapture
```

This runs regression, adversarial, stress, production-path, audit-strict, chain, replay, and proptest suites.

Documentation:

- `doc/HIP23.md` — normative spec
- `doc/HIP23_wallet_checklist.md` — pre-sign validation
- `doc/HIP23_threat_model.md` — threat analysis
- `doc/HIP23_audit_findings.md` — known issues

Report security issues privately to the repository maintainers. Do not open public issues for exploitable consensus or node vulnerabilities until coordinated disclosure.
Include:
- Affected component (node, protocol, HIP draft)
- Reproduction steps or proof-of-concept
- Impact assessment
- Suggested fix (optional)

| Mode | fast_sync | Use |
|---|---|---|
| Pattern semantics | true | Guard/TEX/AST logic |
| Production-like | false | Signatures, duplicate-tx, fee rules |

Integrators MUST validate against production-like mode before mainnet use.

```bash
cargo install cargo-fuzz
cd fuzz && cargo fuzz run tex_cell_act_parse -- -max_total_time=30
```

Proptest also covers random TEX wire parse (`hip23_proptest_tex_wire_parse_never_panics`).

Periodically run:

```bash
cargo audit
```

(Requires cargo-audit crate installed.)

HIP-23 is an application integration standard — it does not alter consensus. Security focus is on correct composition, co-signing, and indexer classification to prevent integrator-level fund loss.