input-output-hk · aleeusgr · Sep 7, 2023 · Sep 13, 2023 · Oct 31, 2023 · Oct 31, 2023
diff --git a/Agendas/ST-vesting.md b/Agendas/ST-vesting.md
@@ -0,0 +1,79 @@
+# TABLE OF CONTENTS
+1 [Security Target Introduction](#1-security-targets-introduction)<br>
+1.1 Security Target Reference <br>
+1.2 TOE Reference <br>
+1.3 Terminology and Acronyms<br>
+1.4 Product Overview<br>
+1.5 TOE Overview <br>
+1.6 TOE Description<br>
+2 Conformance Claims<br>
+3 TOE Security Problem Definition<br>
+3.1 Assumption<br>
+3.2 Threats<br>
+3.3 Organizational Security Policies<br>
+4 Security Objectives<br>
+4.1 Security Objectives for the TOE<br>
+4.2 Security Objectives for the Operational Environment<br>
+5 Extended Components<br>
+5.1 Extended Security Functional Requirement (SFR)<br>
+5.2 Extended Security Assurance Requirement (SAR)<br>
+6 TOE Security Requirements<br>
+6.1 Conventions<br>
+6.2 Security Functional Requirements (SFR)<br>
+6.3 Security Assurance Requirements<br>
+7 TOE Summary Specifications<br>
+7.1 User Data Protection<br>
+7.2 Identification and Authentication<br>
+7.3 Security Management<br>
+7.4 TOE Access<br>
+8 Rationale<br>
+8.1 Protection Profile Conformance Claim Rationale<br>
+8.2 Security Objectives Rationale<br>
+8.3 Extended Security Functional Requirement Rationale<br>
+8.4 Extended Security Assurance Requirement Rationale<br>
+8.5 Security Functional Requirements Rationale<br>
+
+# 1. Security Targets Introduction
+
+1.1 Security Target Reference <br>
+
+TODO
+
+1.2 TOE Reference <br>
+
+TODO
+
+1.3 Terminology and Acronyms<br>
+
+TODO
+
+1.4 Product Overview<br>
+
+product is a vesting service <br>
+users is allowed to test the smart contract by submitting transactions to the blockchain emulator.<br>
+The product consists of the following components: <br>
+the validator script, the transaction catalog, testing harness, test runner, build system, CI runner<br>
+TOE for evaluation consists of the validator script, the transaction catalog and the test harness.
+
+1.5 TOE Overview <br>
+
+TOE Overview summarizes the usage and major security features of the TOE. TOE Overview provides
+context for the evaluated TOE by identifying the TOE type, describing the product, and defining the
+specific evaluated configuration. <br>
+
+1.5.1 Usage and features
+
+build transactions using tests, abstract transactions into functions, modify the validator script and the transactions to create new dApp architectures.
+
+1.5.2 Type 
+
+1.5.3 Non-TOE hardware/firmware/software required by the TOE
+
+npm is the TypeScript package manager. vitest is a testing framework, Helios is a TypeScript DSL for writing dApps in eUTXO model. eUTXO is a model of the Cardano blockchain.
+
+1.6 TOE Description<br>
+
+This section primarily addresses the physical and logical components of the TOE included in the
+evaluation.
+
+1.6.X TODO: Physical scope, Logical Scope, (refers to 1.5.1 Usage and major security feature)
diff --git a/Agendas/contributing.md b/Agendas/contributing.md
@@ -0,0 +1,14 @@
+volunteering to a working group in an open-source community, consider the following factors when making the decision: <br>
+
+## Why: <br>
+Determine your primary motivation for wanting to contribute. Are you passionate about the project's goals? Do you want to gain experience or build your professional network? Knowing your motivations will help guide your decision-making process and ensure that your time is well spent. <br>
+
+## How: <br>
+**Time commitment**: Assess how much time you can realistically dedicate to participating in the working group. Open-source projects often require a significant amount of time, energy, and focus from their contributors. Make sure you have the bandwidth to handle this responsibility without compromising other important aspects of your life. <br>
+**Skill set**: Evaluate your current skill set and determine if it aligns with the needs of the working group. If not, consider whether you are willing to learn new skills or acquire additional knowledge in order to contribute effectively. This may involve taking online courses, reading documentation, or attending workshops related to the project's technology stack. <br>
+**Communication**: Open-source communities rely heavily on effective communication among members. Assess your ability to collaborate with others and express yourself clearly both verbally and in writing. Good communication skills are essential for working effectively within a team and resolving any issues that may arise during the development process. <br>
+**Technical expertise**: Familiarize yourself with the project's codebase, documentation, and overall structure before diving into contributions. This will help you understand how your work fits into the larger context of the project and enable you to contribute more effectively. If necessary, seek guidance from experienced members of the community or take advantage of available resources such as tutorials and forums. <br>
+**Project goals**: Research the objectives and mission of the working group to ensure that they align with your own values and interests. This will help you stay motivated throughout your involvement in the project and contribute more meaningfully to its success. <br>
+**Reputation and credibility**: Consider how participating in this particular open-source community may impact your professional reputation and future opportunities. Engaging with a reputable, well-established project can enhance your skills and credentials while providing valuable networking opportunities. Conversely, associating yourself with a less-reputable or controversial project could have negative consequences for your career.
+
+## what?