The CCSS is an open standard, born out of the belief that security should not be the defining feature of your service. Sharing the industry's best practices amongst each other is encouraged through an understanding that it benefits everyone.
From the beginning, the CCSS has been a community based endeavour. Since 2009 brought us Bitcoin, a number of extremely intelligent and driven people across the world have worked hard to make the ecosystem what it is today. This open standard is a way of bringing together all of that experience into a single shared repository that gives new projects an understanding of what is needed to produce a secure service, and gives established organizations a method to show the results of their many years of research and development.
The strength of this standard will be established through the involvement of the community. We strongly encourage and welcome all who feel they can contribute to do so.
There are many ways in which you can help contribute to the CryptoCurrency Security Standard. While security experts have an obvious avenue for contributing, the standard also needs help from graphic designers, language translators, and proofreaders too, just to name a few.
Here are some quick examples of ways you can help:
- Technical Discussion
- Aspect and Term Definitions
- Level Requirements
- Audit Processes & Procedures
- General Editing / Proofreading
- Repository Development
- Improved UI to navigate the content
- Assessment Checklist to assist auditors
- Localization Support
- Language Translations
All contributions will be acknowledged publicly within the repository (unless specifically requested otherwise).
Contribution & Discussion Methods
As with any project, you can choose to contribute in the way that best fits your own workflow. You can join the discussions to identify issues with the standard, providing your own point of view, or you can write changes via pull requests if you want to edit the standard directly.
Anybody looking to contribute to the CCSS can do so through any of the following channels:
The Open Standard Repository for the CCSS has contribution methods built directly into it. As you browse the standard's website, you will find links to peruse a section's history, to edit the content or discuss changes.
We look forward to expanding on the built-in features as the standard itself evolves. If you have any suggestions on what can be added to further improve community involvement, please don't hesitate to share.
Slack / Mailing List
We also have a C4 Slack Site with a channel for #ccss-discussion. For those of you who haven't used Slack, it is basically a really pretty IRC that logs stuff you've missed while away from your keyboard. Unfortunately, this is invite-only but that is just a system limitation, not one of our own. If you would like access, just let us know via email!
We are also in the process of setting up a mailing list. This will likely end up bring preferred over the Slack channel, mostly due to being a bit more asynchronous and open, but many of us will frequent both until a consensus seems clear on preference.
CCSS Steering Committee
Finally, we would like to take a moment to announce the C4 steering committee for the CryptoCurrency Security Standard.
Our Simple Mission:
To ensure the CCSS remains up-to-date, neutral and relevant in establishing security standards in the fast changing world of cryptocurrencies.
Andreas M. Antonopoulos
Mike Belshe, BitGo
Eric Lombrozo, Ciphrex
Joshua McDougall, C4
Sean Neville, Circle
Michael Perklin, C4
John Velissarios, Armory Enterprise
We look forward to working with you all!