List of open actions
CIP-0096
CIP-0096 has been roughly approved by the CIP editors. The only remaining question is how to link it to the certification standards.
Status
CIP-0096
Open questions
Certification of parametrized scripts
Our current solution does not work well with parametrized scripts.
Status
Proposal by Ali for issuing on-the-fly certificates
List of vulnerabilities
This action is to list all currently known weaknesses and vulnerabilities in a standard format so that they can be referenced and searched by developers and auditors.
Status
- Common Vulnerability from Plutonomicon and MLabs
- Vulnerability using the new template by VacuumLabs
- Vulnerabilities using the new template by Tweag
- Template for vulnerabilities
Open actions
- All auditors complete the list of vulnerabilities
- Format the vulnerabilities according to the template
- Adoption of the template
Certification levels
This action is to build the certification levels as a standard.
Status
- Writing Cardano Certification Levels Specifications #23
- Certification of a Dapp Checklist
- Published the overview from the blog post Certification Levels Standards
- CIP-0052 Cardano audit best practice guidelines
Open actions
Define Levels 1, 2, 3
Cardano Threat Intelligence
Cardano Threat Intelligence is a framework described by Ali to maintain a list of vulnerabilities and weaknesses, and to deal with the disclosure of a new vulnerability.
Status
- Presentation to the devex working group
- Work on the naming convention for vulnerabilities
- Template for vulnerabilities
Open action
Decide what is in the scope of the Working group
List of tools
The idea was to list the known tools so the working group could work on establishing a list of trusted tools for certification.
Status
ToolList.md
Open actions
- Decide if the working group should maintain such a list
- Update and maintain the list?
Charter
Status
Voted on the first version of the charter
Open actions
- Governance discussions
- Licensing for the work produced by the working group
Others
Clean up the repo