diff --git a/.github/ISSUE_TEMPLATES/T-Attack.yml b/.github/ISSUE_TEMPLATES/T-Attack.yml
new file mode 100644
index 0000000..5bc0422
--- /dev/null
+++ b/.github/ISSUE_TEMPLATES/T-Attack.yml
@@ -0,0 +1,36 @@
+name: Document Attack Pattern
+description: Suggest a Attack Pattern
+labels: ["T-Attack"]
+body:
+ - type: markdown
+ attributes:
+ value: |
+ Please ensure that the attack is not listed and has not already been requested or discussed in the issue tracker.
+
+ - type: dropdown
+ attributes:
+ label: Category
+ description: What category is the feature for?
+ multiple: true
+ options:
+ - Market Attacks
+ - Economic Attacks
+ - MEV Vectors
+ - Governance Vectors
+ - On-Chain
+ - Inter-Chain
+ - Solidity/SWC
+ - Off-Chain
+# - Process Creation, Command Execution, Access Esclation, Service Modification, Trust Modification, Code Injection
+ validations:
+ required: true
+ - type: textarea
+ attributes:
+ label: Describe the attack pattern
+ description: Please also describe any known usages in the wild of said pattern/vector
+ validations:
+ required: true
+ - type: textarea
+ attributes:
+ label: Additional context
+ description: Add any other context to the feature (like screenshots, resources)
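Review bot: GitHub loads issue forms only from `.github/ISSUE_TEMPLATE/` (singular), so this file and `config.yml` in the same `ISSUE_TEMPLATES` directory will most likely never be offered to reporters; the directory should be renamed. The Category dropdown's `What category is the feature for?` and the last field's `Add any other context to the feature` read as copied from a feature-request form and should refer to the attack pattern. Because the form asks for known in-the-wild usage on a public tracker, the opening markdown block should carry a line such as `Do not file unpatched or undisclosed vulnerabilities here; use the private contact instead.` The `#` line inside `options` looks like leftover draft text, and the indentation shown here is flattened, so the YAML nesting cannot be confirmed from this view.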
diff --git a/.github/ISSUE_TEMPLATES/config.yml b/.github/ISSUE_TEMPLATES/config.yml
new file mode 100644
index 0000000..084b22e
--- /dev/null
+++ b/.github/ISSUE_TEMPLATES/config.yml
@@ -0,0 +1,5 @@
+blank_issues_enabled: true
+contact_links:
+ - name: Contact
+ url: mailto:sam@manifoldfinance.com
+ about: Contact me via e-mail if you have a security issue or question.
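Review bot: The only route this config offers for a security issue is a single personal `mailto:` address, while `blank_issues_enabled: true` lets a reporter bypass the form's required fields and post details publicly. If the repository has, or can add, a security policy or private advisory reporting, `contact_links` should point at that page so sensitive reports have a documented non-public path that does not depend on one mailbox. It is also worth checking that GitHub renders a `mailto:` scheme in `url` as intended.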
diff --git a/lib/announcements-rss.xsl b/lib/announcements-rss.xsl
new file mode 100644
index 0000000..d05d572
--- /dev/null
+++ b/lib/announcements-rss.xsl
@@ -0,0 +1,76 @@
+
+
+
+
+
+
+
+
+
+
+
+ Manifold Finance Changelog
+ https://manifoldfinance.com/changelog.html
+
+ DeFi Threat Matrix
+
+
+
+ DeFi Threat Announcements
+ https://manifoldfinance.com/static/logo/defithreat.png
+ https://manifoldfinance.com/defi-threat.html
+
+
+
+ -
+
+ https://manifoldfinance.com/threats/announcements.html#
+
+
+
+
+
+
+
+
+
+
+
+ <
+
+
+
+
+ >
+
+ </
+
+ >
+
+
+ />
+
+
+
+
+
+
+
+ ="
+
+ "
+
+
+
+
+
+
+
diff --git a/lib/gen-rss.cjs b/lib/gen-rss.cjs
new file mode 100644
index 0000000..a2e0439
--- /dev/null
+++ b/lib/gen-rss.cjs
@@ -0,0 +1,38 @@
+const { promises: fs } = require('fs')
+const path = require('path')
+const RSS = require('rss')
+const matter = require('gray-matter')
+
+async function generate() {
+ const feed = new RSS({
+ title: 'DeFi Threat Matrix',
+ site_url: 'https://apt.securerpc.com',
+ feed_url: 'https://apt.securerpc.com/feed.xml'
+ });
+
+ const posts = await fs.readdir(path.join(__dirname, '..', 'pages', 'posts'))
+
+ await Promise.all(
+ posts.map(async (name) => {
+ if (name.startsWith('index.')) return
+
+ const content = await fs.readFile(
+ path.join(__dirname, '..', 'pages', 'posts', name)
+ )
+ const frontmatter = matter(content)
+
+ feed.item({
+ title: frontmatter.data.title,
+ url: '/posts/' + name.replace(/\.mdx?/, ''),
+ date: frontmatter.data.date,
+ description: frontmatter.data.description,
+ categories: frontmatter.data.tag.split(', '),
+ author: frontmatter.data.author
+ })
+ })
+ )
+
+ await fs.writeFile('./public/feed.xml', feed.xml({ indent: true }))
+}
+
+generate();
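Review bot: A single post whose front matter has no string `tag` makes `frontmatter.data.tag.split(', ')` throw, which rejects the `Promise.all`; because `generate();` has no rejection handler, the run then fails without writing the feed. The callback also reads every entry `readdir` returns, so a sub-directory or stray file ends in a read error, and `/\.mdx?/` is unanchored, so it strips the first `.md` anywhere in the name rather than the extension. gray-matter ships a JavaScript front-matter engine that evaluates `---js` blocks, so if posts are accepted from outside contributors that engine should be overridden through the `engines` option before this script runs in CI. `rss` and `gray-matter` are required here while the package.json hunk in this commit leaves `devDependencies` empty, so unless they are declared outside the visible lines the versions that run are unpinned. The fence shows the filter, tag handling and rejection handling.

```javascript
// … unchanged: requires and feed construction …
  const postsDir = path.join(__dirname, '..', 'pages', 'posts')
  const posts = (await fs.readdir(postsDir)).filter(
    (name) => /\.mdx?$/.test(name) && !name.startsWith('index.')
  )

  await Promise.all(
    posts.map(async (name) => {
      const content = await fs.readFile(path.join(postsDir, name))
      const { data } = matter(content)
      // Posts without a tag line still get an entry instead of aborting the whole feed.
      const tags = typeof data.tag === 'string' ? data.tag.split(', ') : []

      feed.item({
        // … unchanged: title, date, description, author …
        url: '/posts/' + name.replace(/\.mdx?$/, ''),
        categories: tags
      })
    })
  )
// … unchanged: writeFile of ./public/feed.xml …

generate().catch((err) => {
  console.error(err)
  process.exitCode = 1
})
```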
diff --git a/lib/osv.schema.json b/lib/osv.schema.json
new file mode 100644
index 0000000..176d9bc
--- /dev/null
+++ b/lib/osv.schema.json
@@ -0,0 +1,306 @@
+{
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "title": "Open Source Vulnerability",
+ "description": "A schema for describing a vulnerability in an open source package.",
+ "type": "object",
+ "properties": {
+ "schema_version": {
+ "type": "string"
+ },
+ "id": {
+ "type": "string"
+ },
+ "modified": {
+ "type": "string",
+ "format": "date-time"
+ },
+ "published": {
+ "type": "string",
+ "format": "date-time"
+ },
+ "withdrawn": {
+ "type": "string",
+ "format": "date-time"
+ },
+ "aliases": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "related": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "summary": {
+ "type": "string"
+ },
+ "details": {
+ "type": "string"
+ },
+ "severity": {
+ "type": "array",
+ "items": {
+ "type": "object",
+ "properties": {
+ "type": {
+ "type": "string",
+ "enum": [
+ "CVSS_V3"
+ ]
+ },
+ "score": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "type",
+ "score"
+ ]
+ }
+ },
+ "affected": {
+ "type": "array",
+ "items": {
+ "type": "object",
+ "properties": {
+ "package": {
+ "type": "object",
+ "properties": {
+ "ecosystem": {
+ "type": "string"
+ },
+ "name": {
+ "type": "string"
+ },
+ "purl": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "ecosystem",
+ "name"
+ ]
+ },
+ "ranges": {
+ "type": "array",
+ "items": {
+ "type": "object",
+ "properties": {
+ "type": {
+ "type": "string",
+ "enum": [
+ "GIT",
+ "SEMVER",
+ "ECOSYSTEM"
+ ]
+ },
+ "repo": {
+ "type": "string"
+ },
+ "events": {
+ "type": "array",
+ "contains": {
+ "required": [
+ "introduced"
+ ]
+ },
+ "items": {
+ "type": "object",
+ "oneOf": [
+ {
+ "type": "object",
+ "properties": {
+ "introduced": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "introduced"
+ ]
+ },
+ {
+ "type": "object",
+ "properties": {
+ "fixed": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "fixed"
+ ]
+ },
+ {
+ "type": "object",
+ "properties": {
+ "last_affected": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "last_affected"
+ ]
+ },
+ {
+ "type": "object",
+ "properties": {
+ "limit": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "limit"
+ ]
+ }
+ ]
+ },
+ "minItems": 1
+ },
+ "database_specific": {
+ "type": "object"
+ }
+ },
+ "allOf": [
+ {
+ "if": {
+ "properties": {
+ "type": {
+ "const": "GIT"
+ }
+ }
+ },
+ "then": {
+ "required": [
+ "repo"
+ ]
+ }
+ },
+ {
+ "if": {
+ "properties": {
+ "events": {
+ "contains": {
+ "required": ["last_affected"]
+ }
+ }
+ }
+ },
+ "then": {
+ "not": {
+ "properties": {
+ "events": {
+ "contains": {
+ "required": ["fixed"]
+ }
+ }
+ }
+ }
+ }
+ }
+ ],
+ "required": [
+ "type",
+ "events"
+ ]
+ }
+ },
+ "versions": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "ecosystem_specific": {
+ "type": "object"
+ },
+ "database_specific": {
+ "type": "object"
+ }
+ },
+ "allOf": [
+ {
+ "if": {
+ "properties": {
+ "ranges": {
+ "contains": {
+ "properties": {
+ "type": {
+ "enum": [
+ "SEMVER",
+ "ECOSYSTEM"
+ ]
+ }
+ }
+ }
+ }
+ }
+ },
+ "then": {},
+ "else": {
+ "required": [
+ "versions"
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "type": "array",
+ "items": {
+ "type": "object",
+ "properties": {
+ "type": {
+ "type": "string",
+ "enum": [
+ "ADVISORY",
+ "ARTICLE",
+ "REPORT",
+ "FIX",
+ "GIT",
+ "PACKAGE",
+ "WEB"
+ ]
+ },
+ "url": {
+ "type": "string",
+ "format": "uri"
+ }
+ },
+ "required": [
+ "type",
+ "url"
+ ]
+ }
+ },
+ "credits": {
+ "type": "array",
+ "items": {
+ "type": "object",
+ "properties": {
+ "name": {
+ "type": "string"
+ },
+ "contact": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ }
+ },
+ "required": [
+ "name"
+ ]
+ }
+ },
+ "database_specific": {
+ "type": "object"
+ }
+ },
+ "required": [
+ "id",
+ "modified"
+ ]
+}
diff --git a/lib/rss_feed_sources.txt b/lib/rss_feed_sources.txt
new file mode 100644
index 0000000..796423b
--- /dev/null
+++ b/lib/rss_feed_sources.txt
@@ -0,0 +1,22 @@
+https://github.com/ethereum/go-ethereum/releases.atom
+https://github.com/ledgerwatch/erigon/releases.atom
+https://github.com/ethereum/go-ethereum/security/advisories
+https://github.com/ledgerwatch/erigon/security/advisories
+https://github.com/ethereum/solidity/blob/develop/docs/bugs.json
+https://github.com/ethereum/solidity/releases.atom
+https://github.com/ethereum/solidity/security/advisories
+
+https://github.com/ethereum/beacon-APIs/releases.atom
+https://github.com/ethereum/consensus-specs/releases.atom
+https://github.com/ethereum/beacon-APIs/security/advisories
+https://github.com/ethereum/consensus-specs/security/advisories
+https://github.com/ethereum/builder-specs/releases.atom
+https://github.com/ethereum/builder-specs/security/advisories
+
+
+https://status.ntppool.org/history.atom
+https://status.securerpc.com/history.atom
+https://status.infura.io/history.atom
+
+https://github.com/advisories?query=sort%3Aupdated-desc+severity%3Acritical
+https://dnsimple.statuspage.io/history.atom
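Review bot: Several entries in this list are HTML pages rather than feeds: the `/security/advisories` URLs, the `github.com/advisories?query=…` search, and the `blob/develop/docs/bugs.json` view. The consumer of this file is not visible here, but a poller that expects Atom/RSS will either error on these or silently return nothing. For a threat-monitoring list that means the advisory sources could go unwatched without anyone noticing. Either the non-feed sources should move to a separate list handled by a fetcher that understands them (the raw JSON file, the advisory API), or the poller should report entries that fail to parse as a feed.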
diff --git a/package.json b/package.json
index df4feb5..9219ef7 100644
--- a/package.json
+++ b/package.json
@@ -1,15 +1,13 @@
{
"name": "defi-threat-matrix",
- "version": "0.7.1",
- "description": "a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations on decentralized finance",
+ "version": "3.0.2",
+ "description": "decentralized econometric threat and security assesment",
"repository": "https://github.com/manifoldfinance/defi-threat",
"author": "sam bacha ",
"license": "MPL-2.0",
"private": false,
"scripts": {},
- "devDependencies": {
- "prettier": "^2.5.1"
- },
+ "devDependencies": {},
"files": [
"libtx/*",
"src/*",