docs: add /audits directory and security contact (MEN-46)#717
Closed
docs: add /audits directory and security contact (MEN-46)#717
Conversation
Covers all 5 required subsections: 1. System overview — multi-currency stablecoin and FX infrastructure 2. Contract subsystems — Broker/Exchange Providers, Oracle/Relayers, Tokens, Governance (TimelockController/GovernanceFactory), Reserve 3. Key interaction flows — swap, oracle update, governance proposal 4. Upgradeability notes — Celo Proxy vs OZ Transparent vs non-upgradeable 5. Entry points — where to start reading by focus area Source: mento-core QA audit P2-9 (MEN-42) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…(MEN-42) Documents system overview, all 6 contract subsystems (Broker/Exchange Providers, Oracle/Relayers, Tokens, Governance, Reserve, Liquidity Strategies), key interaction flows (swap, oracle update, governance proposal), proxy upgradeability patterns, and recommended code entry points for new contributors and auditors. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Author
|
Closing this PR as part of a workflow change. Going forward, all PRs must be submitted through the fork-based review process: branches are pushed to mento-val's personal forks, reviewed by the Engineering Manager, and then the EM opens the upstream PR. This work is valid and will be re-submitted through the proper workflow once Val's fork remotes are configured. See Paperclip issue MEN-61 for context. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Addresses MEN-46 from the mento-core QA audit security posture review (P2-8).
/audits/README.mdwith an audit report index, scope description, and vulnerability reporting instructionsREADME.mdlinking to the audits directory and providingsecurity@mento.orgcontactChanges
audits/README.md(new): Placeholder audit index with table for future reports, protocol scope, and responsible disclosure instructionsREADME.md: New Security section with audit link, contact email, and bug bounty placeholderAcceptance Criteria
/audits/README.mdcreatedREADME.mdhas a Security section with contact infoCloses MEN-46