Skip to content

Latest commit

 

History

History
522 lines (385 loc) · 24.6 KB

README.md

File metadata and controls

522 lines (385 loc) · 24.6 KB

Build Status

How To Participate

Bitcoin.org needs volunteers like you! Here are some ways you can help:

You can always report problems or help improve bitcoin.org by opening a new issue or pull request on GitHub.

Working With GitHub

GitHub allows you to make changes to a project using git, and later submit them in a "pull request" so they can be reviewed and discussed. Many online how-tos exist so you can learn git, here's a good one.

In order to use GitHub, you need to sign up and set up git. You will also need to click the Fork button on the bitcoin.org GitHub page and clone your GitHub repository into a local directory with the following command lines:

git clone (url provided by GitHub on your fork's page) bitcoin.org
cd bitcoin.org
git remote add upstream https://github.com/bitcoin/bitcoin.org.git

How to send a pull request

  1. Checkout to your master branch. git checkout master
  2. Create a new branch from the master branch. git checkout -b (any name)
  3. Edit files and preview the result.
  4. Track changes in files. git add -A
  5. Commit your changes. git commit -m '(short description for your change)'
  6. Push your branch on your GitHub repository. git push origin (name of your branch)
  7. Click on your branch on GitHub and click the Compare / pull request button to send a pull request.

When submitting a pull request, please take required time to discuss your changes and adapt your work. It is generally a good practice to split unrelated changes into separate branchs and pull requests.

Travis Continuous Integration (CI)

Shortly after your Pull Request (PR) is submitted, a Travis CI job will be added to our queue. This will build the site and run some basic checks. If the job fails, you will be emailed a link to the build log and the PR will indicate a failed job. Read the build report and try to correct the problem---but if you feel confused or frustrated, please ask for help on the PR (we're always happy to help).

If you don't want a particular commit to be tested, add [ci skip] anywhere in its commit message.

If you'd like to setup Travis on your own repository so you can test builds before opening a pull request, it's really simple:

  1. Make sure the master branch of your repository is up to date with the bitcoin/bitcoin.org master branch.

  2. Open this guide and perform steps one, two, and four. (The other steps are already done in our master branch.)

  3. After you push a branch to your repository, go to your branches page (e.g. for user harding, github.com/harding/bitcoin.org/branches). A yellow circle, green checkmark, or red X will appear near the branch name when the build finishes, and clicking on the icon will take you to the corresponding build report.

How to make additional changes in a pull request

You simply need to push additional commits on the appropriate branch of your GitHub repository. That's basically the same steps as above, except you don't need to re-create the branch and the pull request.

How to reset and update your master branch with latest upstream changes

  1. Fetch upstream changes. git fetch upstream
  2. Checkout to your master branch. git checkout master
  3. Replace your master branch by the upstream master branch. git reset --hard upstream/master
  4. Replace your master branch on GitHub. git push origin master -f

Previewing

Preview Small Text Changes

Simple text changes can be previewed live on bitcoin.org. You only need to click anywhere on the page and hold your mouse button for one second. You'll then be able to edit the page just like a document. Changes will be lost as soon as the page is refreshed.

Build Site With Jekyll From Bundler

Make sure you have ruby 2.0. If you don't, we recommend installing it with RVM, which can usually be done by running the following three commands:

\curl -sSL https://get.rvm.io | bash -s stable
source ~/.rvm/scripts/rvm
rvm install ruby-2.0.0

Next, you need to install bundler, and let it install all gems you need to build the site. You must run the last command from within your local bitcoin.org repository:

gem install bundler
bundle install

Finally, you can build the website in _site/:

bundle exec jekyll build

You can then copy the output files from _site/ to the root of your web server. If you have no web server, run bundle exec jekyll serve and visit http://127.0.0.1:4000/. This server requires you to add a trailing ".html" by hand in your browser address bar.

Build Site With Jekyll From APT

The instructions in the section above will ensure that you use the same versions of the same software we use to build the website, but you can also install dependencies from your Linux distribution. For example:

Installing dependencies on Ubuntu 12.10:

sudo apt-get install jekyll node-less ruby1.9.1-dev libicu-dev
sudo gem install ffi-icu

Installing dependencies on older Ubuntu and Debian distributions:

sudo apt-get install rubygems ruby1.9.1-dev build-essential libicu-dev
sudo gem install jekyll json less therubyracer ffi-icu

Finally build the website in _site/:

jekyll

...Or jekyll build on recent versions. You can then copy the output files from _site/ to the root of your web server. If you have no web server, run jekyll --server (or jekyll serve on recent versions) and visit http://127.0.0.1:4000/. This server requires you to add a trailing ".html" by hand in your browser address bar.

Building With Make

After you've installed Jekyll and the other dependencies, you can optionally use GNU Make to automatically build the site and run several tests. You will first need to install Make using your package manager; for example:

sudo apt-get install make

Then in your local bitcoin.org repository, run one of the following commands:

## To just build the site, the equivalent of: bundle exec jekyll build
make

## After you build the site, you can run all of the tests (may take awhile)
make test

## Or you can build the site and run some quick tests with one command:
make valid

## Or build the site and run all tests
make all

Partial build for faster preview

In order to preview some changes faster, you can disable all plugins and languages but those you need by prefixing the ENABLED_LANGS and ENABLED_PLUGINS environment variables:

ENABLED_PLUGINS="events autocrossref" ENABLED_LANGS="en fr" make all

Developer Documentation

Each part of the documentation can be found in the _includes directory. Updates, fixes and improvements are welcome and can submitted using pull requests on GitHub.

Mailing List: General discussions can take place on the mailing list.

TODO List: New content and suggestions for improvements can be submitted to the TODO list. You are also welcome if you want to assign yourself to any task.

Style Guide: For better consistency, the style guide can be used as a reference for terminology, style and formatting. Suggested changes can also be submitted to this guide to keep it up to date.

Cross-Reference Links: Cross-reference links can be defined in _includes/references.md. Terms which should automatically link to these references are defined in _autocrossref.yaml .

Translation

How To Translate

You can join a translation team on Transifex and start translating or improving existing translations.

  • You must be a native speaker for the language you choose to translate.
  • Please be careful to preserve the original meaning of each text.
  • Sentences and popular expressions should sound native in your language.
  • You can check the result on the live preview and test small changes.
  • Translations need to be reviewed by a reviewer or coordinator before publication.
  • Once reviewed, translations can be submitted in a pull request on GitHub.
  • In doubt, please contact coordinators on Transifex. That'll be much appreciated.

Import Translations

Update translations: You can update the relevant language file in _translations/ and from the root of the git repository run ./_contrib/updatetx.rb to update layouts and templates for this language. You should also make sure that no url has been changed by translators. If any page needs to be moved, please add redirections.

Add a new language: You can put the language file from Transifex in _translations and add the language in _config.yml in the right display order for the language bar. Make sure to review all pages and check all links.

Update English Strings

Any change in the English text can be done through a pull request on GitHub. If your changes affect the HTML layout of a page, you should apply fallback HTML code for other languages until they are updated.

{% case page.lang %}
{% when 'fr' %}
  (outdated french content)
{% else %}
  (up to date english content)
{% endcase %}

When translation is needed: If you want all changes you've made to be re-translated, you can simply update the resource file (en.yml) on Transifex.

When translation is not needed: If you are only pushing typo fixes and that you don't want translators to redo all their work again, you can use the Transifex client to pull translations, update en.yml and push back all translations at once:

tx init
tx set --auto-remote https://www.transifex.com/projects/p/bitcoinorg/
tx pull -a -s --skip
tx set --source -r bitcoinorg.bitcoinorg -l en translations/bitcoinorg.bitcoinorg/en.yml
(update en.yml)
tx push -s -t -f --skip --no-interactive

Posts

Events

Events should be placed in _events.yml and adhere to this format:

- date: 2014-02-21
  title: "2014 Texas Bitcoin Conference"
  venue: "Circuit of the Americas™ - Technology and Conference Center"
  address: "9201 Circuit of the Americas Blvd"
  city: "Austin, TX"
  country: "United States"
  link: "http://texasbitcoinconference.com/"

Events that have a Meetup.com page with a publicly-viewable address and "Bitcoin" in the event title should already be displayed on the events page. (Please open a new issue if a Bitcoin meetup event isn't displayed.)

Release Notes

To create a new Bitcoin Core release, create a new file in the _releases/ directory. Any file name ending in .md is fine, but we recommend naming it after the release, such as 0.10.0.md

Then copy in the following YAML header (the part between the three dashes, ---):

---
## Required value below populates the %v variable (note: % needs to be escaped in YAML if it starts a value)
required_version: 0.10.0
## Optional release date.  May be filled in hours/days after a release
optional_date: 2015-02-16
## Optional title.  If not set, default is: Bitcoin Core version %v released
optional_title: Bitcoin Core version %v released
## Optional magnet link.  To get it, open the torrent in a good BitTorrent client
## and View Details, or install the transmission-cli Debian/Ubuntu package
## and run: transmission-show -m <torrent file>
#
## Link should be enclosed in quotes and start with: "magnet:?
optional_magnetlink:

## The --- below ends the YAML header. After that, paste the release notes.
## Warning: this site's Markdown parser commonly requires you make two
## changes to the release notes from the Bitcoin Core source tree:
##
## 1. Make sure both ordered and unordered lists are preceeded by an empty
## (whitespace only) line, like the empty line before this list item.
##
## 2. Place URLs inside angle brackets, like <http://bitcoin.org/bin>

---
```

Then start at the top of the YAML header and read the comments, filling
in and replacing information as necessary, and then reformatting the
release notes (if necessary) as described by the last lines of the YAML
header.

Download links will automatically be set to the defaults using the current
release version number, but if you need to change any download URL, edit
the file `_templates/download.html`

[Once Travis is enabled] You can then create a pull request to the
master branch and Travis CI will automatically build it and make sure
the links you provided return a "200 OK" HTTP header. (The actual files
will not be downloaded to save bandwidth.) Alternatively, you can build
the site locally with `make all` to run the same quality assurance tests.

The file can be edited later to add any optional information (such as a
release date) that you didn't have when you created the file.

### Alerts

Network alerts should be placed in `_alerts/YYYY-MM-DD-SHORTITLE.html` and adhere to this format:

```
---
title: "11/12 March 2013 Chain Fork"
alias: "chainfork"
active: true
banner: "<b>Chain fork</b> - Please stop mining on bitcoin version 0.8.0. Click here for more information."
---

<p>
A chain fork is happening. Please stop mining on bitcoin version 0.8.0. Your bitcoins are safe but it is recommended that you postpone your Bitcoin transactions for the next hours.
</p>
<p>
More information will follow.
</p>
<div style="text-align:right">
  <i>This notice last updated: Thu, 16 May 2013 01:37:00 UTC</i>
</div>

```
* `SHORTTITLE` is used to construct the URL.
* `title: ...` will be used as the title in the layout.
* `alias: ...` (optional) a short alias for Bitcoin Core alerts. Ex. "dos" will produce /dos.html
* `active: ...` (true or false) define if the alert should appear as ongoing in the network status page.
* `banner: ...` (optional) a short text that will be displayed in a red alert banner and link to the alert page.
* `last updated: ...` should be kept up to date and be in RFC 2822 format ( date -uR ).

## Wallets

The wallet list is based on the personal evaluation of the maintainer(s) and regular contributors of this site, according to the criterias detailed below.

These requirements are meant to be updated and strengthened over time. Innovative wallets are exciting and encouraged, so if your wallet has a good reason for not following some of the rules below, please submit it anyway and we'll consider updating the rules.

Basic requirements:

- Sufficient users and/or developers feedback can be found without concerning issues, or independent security audit(s) is available
- No indication that users have been harmed considerably by any issue in relation to the wallet
- No indication that security issues have been concealed, ignored, or not addressed correctly in order to prevent new or similar issues from happening in the future
- No indication that the wallet uses unstable or unsecure libraries
- No indication that changes to the code are not properly tested
- Wallet was publicly announced and released since at least 3 months
- No concerning bug is found when testing the wallet
- Website supports HTTPS and 301 redirects HTTP requests
- SSL certificate passes [Qualys SSL Labs SSL test](https://www.ssllabs.com/ssltest/)
- Website serving executable code or requiring authentication uses HSTS with a max-age of at least 180 days
- The identity of CEOs and/or developers is public
- If private keys or encryption keys are stored online:
  - Refuses weak passwords (short passwords and/or common passwords) used to secure access to any funds, or provides an aggressive account lock-out feature in response to failed login attempts along with a strict account recovery process.
- If user has no access over its private keys:
  - Provides 2FA authentication feature
  - Reminds the user to enable 2FA by email or in the main UI of the wallet
  - User session is not persistent, or requires authentication for spending
  - Provides account recovery feature
- If user has exclusive access over its private keys:
  - Allows backup of the wallet
  - Restoring wallet from backup is working
  - Source code is public and kept up to date under version control system
- If user has no access to some of the private keys in a multi-signature wallet:
  - Provides 2FA authentication feature
  - Reminds the user to enable 2FA by email or in the main UI of the wallet
  - User session is not persistent, or requires authentication for spending
  - Gives control to the user over moving their funds out of the multi-signature wallet
- For hardware wallets:
  - Uses the push model (computer malware cannot sign a transaction without user input)
  - Protects the seed against unsigned firmware upgrades
  - Supports importing custom seeds
  - Provides source code and/or detailed specification for blackbox testing if using a closed-source Secure Element

Optional criterias (some could become requirements):

- Received independent security audit(s)
- Avoid address reuse by using a new change address for each transaction
- Avoid address reuse by displaying a new receiving address for each transaction in the wallet UI
- Does not show "received from" Bitcoin addresses in the UI
- Uses deterministic ECDSA nonces (RFC 6979)
- Provides a bug reporting policy on the website
- If user has no access over its private keys:
  - Full reserve audit(s)
  - Insurrance(s) against failures on their side
  - Reminds the user to enable 2FA in the main UI of the wallet
- If user has exclusive access over its private keys:
  - Supports HD wallets (BIP32)
  - Provides users with step to print or write their wallet seed on setup
  - Uses a strong KDF and key stretching for wallet storage and backups
  - On desktop platform:
    - Encrypt the wallet by default
- For hardware wallets:
  - Prevents downgrading the firmware

### Adding a wallet

*Before adding a wallet,* please make sure your wallet meets all of the
Basic Requirements listed above, or open a [new issue][] to request an
exemption or policy change. Feel free to email Dave Harding
<dave@dtrt.org> if you have any questions.

Wallets can be added in `_templates/choose-your-wallet.html`. Entries are ordered by levels and new wallets must be added after the last wallet on the same level.

* Level 1 - Full nodes
* Level 2 - SPV, Random servers
* Level 3 - Hybrid, Multisig wallets
* Level 4 - Web wallets

**Screenshot**: The png files must go in `/img/screenshots`, be 250 X 350 px and optimized with `optipng -o7 file.png`.

**Icon**: The png file must go in `/img/wallet`, be 144 X 144 px and optimized with `optipng -o7 file.png`. The icon must fit within 96 X 96 px inside the png, or 85 X 85 px for square icons.

**Description**: The text must go in `_translations/en.yml` alongside other wallets' descriptions.

### Score

Each wallet is assigned a score for five criterias. For each of them, the appropriate text in `_translations/en.yml` needs to be choosen.

**Control** - What control the user has over his bitcoins?

To get a good score, the wallet must provide the user with full exclusive control over their bitcoins.

To get a passing score, the wallet must provide the user with exclusive control over their bitcoins. Encrypted online backups are accepted so long as only the user can decrypt them. Multisig wallets are accepted so long as only the user can spend without the other party's permission.

**Validation** - How secure and « zero trust » is payment processing?

To get a good score, the wallet must be a full node and need no trust on other nodes.

To get a passing score, the wallet must rely on random nodes, either by using the SPV model or a pre-populated list or servers.

**Transparency** - How transparent and « zero trust » is the source code?

To get a good score, the wallet must deserve a passing score and be built deterministically.

To get a passing score, the wallet must be open-source, under version control and releases must be clearly identified (e.g. by tags or commits). The codebase and final releases must be public since at least 6 months and previous commits must remain unchanged.

**Environment** - How secure is the environment of the wallet?

To get a good score, the wallet must run from an environment where no apps can be installed.

To get a passing score, the wallet must run from an environment that provides app isolation (e.g. Android, iOS), or require two-factor authentication for spending.

**Privacy**: Does the wallet protect users' privacy?

To get a good score, the wallet must avoid address reuse by using a new change address for each transaction, avoid disclosing information to peers or central servers and be compatible with Tor.

To get a passing score, the wallet must avoid address reuse by using a new change address for each transaction.


## Advanced Usage

### Redirections

Redirections can be defined in ```_config.yml```.

```
  /news: /en/version-history
```

### Aliases For Contributors

Aliases for contributors are defined in ```_config.yml```.

```
aliases:
  s_nakamoto: Satoshi Nakamoto
  --author=Satoshi Nakamoto: Satoshi Nakamoto
  gavinandresen: Gavin Andresen
```