Criteria For I2P Application Devs

[Shoalsteed]

Software does what it says (i.e. it works)

Has build, installation, and use documentation including clear dependencies documented

If current version is insecure or does not yet protect anonymity, that's clearly stated

Has a published method to report bugs publicly

Has a published method to report security bugs privately

Has a policy that security vulnerabilities are fixed and a new version released promptly

Project is active and has regular releases

Releases including binary and source are GPG signed and include release notes

Open source licensed

Maintained and supports current protocol standards (e.g. I2NP, streaming, crypto) as applicable, or at least isn't too far behind. This doesn't mean complete implementation of all standards, just that it's compatible with the current protocols, and isn't so far behind current standards (e.g. crypto) that it doesn't work well, more or less.

Does not harm or overload the network or related resources such as reseeds, floodfills, websites, naming/jump servers, or other network services, via bugs or abusive behavior. This, of course, requires correct routing of participating traffic and honoring of participating acceptance, and correct implementation of netdb stores, flooding, and query responses if floodfill is supported and advertised.

If the software is a significant portion of the network (e.g. Vuze), that it does not, in aggregate, use more resources than it contributes, leading to risk of congestion collapse in the network. This would have to be a sustained problem that we could not resolve. These issues are generally related to default settings, automatic configuration, and exposure of options to users. We have an open communication channel with the project.

[Shoalsteed]

If devs want adoption / funding, they need to ensure that there are feedback loops in place for people to test the utility and experience of their output.

[Shoalsteed]

Make this a page in docs hub , include opportunities for funding and advice.