Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Create CONTRIBUTING.md #3922

Closed
wants to merge 1 commit into from
Closed

Create CONTRIBUTING.md #3922

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
48 changes: 48 additions & 0 deletions CONTRIBUTING.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,48 @@
Thanks for devoting your thoughts and time to deciding to contribute to rippled and help it develop better.
Table of contents -
Code of Conduct
How to set up rippled on your systems for different operating systems.
Things you would like to explore before moving forward on your journey to contribute to rippled.
How can I contribute?
Our Bug Bounty Program

1.Code of Conduct
Please abide by the rules while using and contributing to rippled.

2.How to set up rippled on your systems for different operating systems

Hello friends, you are currently looking into how to start contributing to Rippled.
For contribution, we first need to get the thing installed on our systems.
For Linux systems, the instructions are as follows in the given article:-
(https://github.com/ripple/rippled/tree/develop/Builds/linux)
For Windows systems, the instructions are as follows in the given article:-
(https://github.com/ripple/rippled/tree/develop/Builds/VisualStudio2017)
For Mac systems, the instructions are as follows in the given article:-
(https://github.com/ripple/rippled/tree/develop/Builds/macos)

3.Things you would like to explore before moving forward on your journey to contribute to rippled
People trying to add some new features to the codebase, want to know about the code style used in rippled codebases, want to know about the databases and how to use them and see them and many more things can have a look into the page given here(https://thejohnfreeman.github.io/rippled/pages.html)
People trying to commit some changes to the codebase can look into the rippled code tree and subtree. This can help you from getting any violations of branches while contributing. A page that has the rippled tree for version 1.5.0 is given here for your reference(https://thejohnfreeman.github.io/rippled/)
4.How can I contribute?
The things you can us with are the following-
You can help by reporting bugs. The exact procedure to report bugs in rippled can be seen in security.md file.
You can see the issues section to find some already reported issues or help us by reporting any new issue you encountered while rippled.
5. Bug Bounty Program
Ripple is generously sponsoring a bug bounty program for vulnerabilities in rippled (and other related projects, like ripple-lib).
This program allows us to recognize and reward individuals or groups that identify and report bugs. In summary, order to qualify for a bounty, the bug must be:
In scope. Only bugs in software under the scope of the program qualify. Currently, that means rippled and ripple-lib.
Relevant. A security issue, posing a danger to user funds, privacy or the operation of the XRP Ledger.
Original and previously unknown. Bugs that are already known and discussed in public do not qualify. Previously reported bugs, even if publicly unknown, are not eligible.
Specific. We welcome general security advice or recommendations, but we cannot pay bounties for that.
Fixable. There has to be something we can do to permanently fix the problem. Note that bugs in other people’s software may still qualify in some cases. For example, if you find a bug in a library that we use which can compromises the security of software that is in scope and we can get it fixed, you may qualify for a bounty.
Unused. If you use the exploit to attack the XRP Ledger, you do not qualify for a bounty. If you report a vulnerability used in an ongoing or past attack and there is specific, concrete evidence that suggests you are the attacker we reserve the right not to pay a bounty.
The amount paid varies dramatically. Vulnerabilities that are harmless on their own, but could form part of a critical exploit will usually receive a bounty. Full-blown exploits can receive much higher bounties. Please don’t hold back partial vulnerabilities while trying to construct a full-blown exploit. We will pay a bounty to anyone who reports a complete chain of vulnerabilities even if they have reported each component of the exploit separately and those vulnerabilities have been fixed in the meantime. However, to qualify for a the full bounty, you must to have been the first to report each of the partial exploits.
Contacting Us
To report a qualifying bug, please send a detailed report to:
Email [email protected]
Short Key ID 0xC57929BE
Long Key ID 0xCD49A0AFC57929BE
Fingerprint 24E6 3B02 37E0 FA9C 5E96 8974 CD49 A0AF C579 29BE

Note- Most of the things required for contribution are mentioned. In case you find something else. You are always welcome to do those.
S