From 53ec7922211c7e632a9f26cd567c48f952929df8 Mon Sep 17 00:00:00 2001 From: Alexander Gonzalez Date: Wed, 13 Mar 2024 15:10:13 +0100 Subject: [PATCH] feat(crypto): document package feature flags --- GUIDELINES.md | 11 ++++++----- SECURITY.md | 6 ++++-- lib/crypto/README.md | 15 +++++++++++---- 3 files changed, 21 insertions(+), 11 deletions(-) diff --git a/GUIDELINES.md b/GUIDELINES.md index 7e62c96b..3f7bc950 100644 --- a/GUIDELINES.md +++ b/GUIDELINES.md @@ -117,7 +117,8 @@ This is enforced by `rustfmt`. Note that this is a `nightly` feature. ### Variable naming -Use short 1-letter names when the variable scope is only a few lines, or the context is +Use short 1-letter names when the variable scope is only a few lines, or the +context is obvious, eg. ```rust @@ -148,10 +149,10 @@ and/or object and repeating that would be redundant. ## Dependencies -Before adding any code dependencies, check with the maintainers if this is okay. -In general, we try not to add external dependencies unless it's necessary. -Dependencies increase counter-party risk, build-time, attack surface, and -make code harder to audit. +Before adding any code dependencies, check with the maintainers if this is +okay. In general, we try not to add external dependencies unless it's +necessary. Dependencies increase counter-party risk, build-time, attack +surface, and make code harder to audit. We also optimize for binary size, which means we try to keep generated code to a minimum and adding dependencies is one of the biggest sources of code bloat. diff --git a/SECURITY.md b/SECURITY.md index 8bd19014..a0acc639 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,6 +1,8 @@ # Security -> ⚠️ Warning! ⚠️ -> This project is still in a very early and experimental phase. It has never been audited nor thoroughly reviewed for security vulnerabilities. Do not use in production. +> [!WARNING] +> This project is still in a very early and experimental phase. It has never +> been audited nor thoroughly reviewed for security vulnerabilities. Do not use +> in production. Please report any security issues you find to security@openzeppelin.com. diff --git a/lib/crypto/README.md b/lib/crypto/README.md index 0a458fee..97b476d0 100644 --- a/lib/crypto/README.md +++ b/lib/crypto/README.md @@ -2,7 +2,8 @@ Common cryptographic procedures for a blockchain environment. -> [!WARNING] `crypto` is still `0.*.*`, so breaking changes +> [!WARNING] +> Note that `crypto` is still `0.*.*`, so breaking changes > [may occur at any time](https://semver.org/#spec-item-4). If you must depend > on `crypto`, we recommend pinning to a specific version, i.e., `=0.y.z`. @@ -10,9 +11,15 @@ Common cryptographic procedures for a blockchain environment. [`merkle.rs`](lib/crypto/src/merkle.rs) provides: -* A `verify` function which can prove that some value is part of a [Merkle tree]. -* A `verify_multi_proof` function which can prove multiple values are part of a [Merkle tree]. +- A `verify` function which can prove that some value is part of a + [Merkle tree]. +- A `verify_multi_proof` function which can prove multiple values are part of a + [Merkle tree]. [Merkle tree]: https://en.wikipedia.org/wiki/Merkle_tree -TODO: Document feature flags. +## Feature Flags + +This crate exposes its modules behind feature gates to ensure the bare minimum +is included in consumer condebases. You can check the current feature flags in +the [Cargo.toml](./Cargo.toml) file.