Skip to content

Commit

Permalink
feat: update 119 (#180)
Browse files Browse the repository at this point in the history 
* update 119

* Apply suggestions from code review

---------

Co-authored-by: Cayle Sharrock <CjS77@users.noreply.github.com>
  • Loading branch information
@SWvheerden @CjS77
SWvheerden and CjS77 committed Oct 5, 2023
1 parent 394709f commit 79c5f7a
Showing 1 changed file with 30 additions and 0 deletions.
30 changes: 30 additions & 0 deletions _updates/2023-10-04-update-119.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
---
layout: update
tag: Developer Update
date: 2023-10-04
author: SW van Heerden
thumbnail: update-background.jpg
title: Base layer development update
subtitle:
class: subpage
---


The core team has been diligently focusing on two key areas: ChatFFI and Core security.

### ChatFFI

One of the biggest pieces of the Tari tech stack is our comms layer. This is an overlay network on top of TCP/IP and lets participants in the Tari network find each other, communicate with and even store messages for peers on the Tari network. All this is managed without a single centralising server, and all communication is E2E encrypted and authenticated.

Obviously, the primary use case for the Tari comms layer is Tari transaction and block broadcasting. However, the comms layer is actually a general purpose communications protocol.

You could very easily, say, play [peer to peer chess](https://www.tari.com/privacy-chess/) using the Tari Comms layer. Equally, one could run the world's most private and secure chat application. No phone numbers, not a single server, just 100% peer-to-peer messaging. This is the thinking behind the development of the ChatFFI library: an independent library for facilitating the development of peer-to-peer chat across the Tari network.

It's still in an alpha state, but steady progress is being made, and the functionality will be included into Aurora in the coming months.


### Core Security

On the security front, the team has dedicated itself to an exhaustive code audit process, inspecting every line for potential vulnerabilities. In conjunction with the [diagrams](https://github.com/tari-project/tari/tree/development/docs/src/diagrams), we meticulously examine the logic of the code to verify that it operates correctly and as intended. Rust, our language of choice, provides a solid foundation for crafting secure code. We are continually working to eradicate all occurrences of "unsafe" code, such as `unwrap()` and unchecked arithmetic, from the codebase. Additionally, we have initiated a proactive campaign to subject Tari and its dependent libraries, including Monero-rs, to extensive fuzzing tests, thereby ensuring their security and vulnerability-free status.

For a comprehensive list of the security enhancements accomplished thus far, please refer to the [github page](https://github.com/tari-project/tari/pulls?q=is%3Apr+is%3Aclosed).

0 comments on commit 79c5f7a

Please sign in to comment.