Hyperledger is committed to creating a safe and welcoming

community for all. For more information

please visit the Hyperledger Code of Conduct.

Welcome and Introductions

Who you are, which project you represent, your role in the project and what your interest is in the Hyperledger security process effort.


Arun S M

Ry Jones

Danno Ferrin

Hart Montgomery

Kamlesh Nagware

Artem Barger 

Peter Somogyvari



  • Welcome
  • Cover the threats
  • Open Agenda

Next Meeting

Future Topics


  1. Document all the threats first, it helps in creating the categories later. This will also help in prioritising what is important.
  2. Define the assets or properties that are to be protected before adding in threats.
  3. Infrastructure
    1. Supply delivery of the open source software.
    2. Continuous delivery, continuous integration.
    3. Binaries and outcome authenticated/signed. The end binary user can verify the source and integrity of the software.
    4. Include physical break into the data center or cloud going down.
    5. Operational threats.
    6. Insufficient test bed setup, recommend ways for reproducibility.
  4. Architecture
    1. Data confidentiality.
    2. Excessive backward compatibility.
  5. Implementation
    1. Deployment issues

Action items

  • Checklist for members to follow while reporting vulnerabilities.
  • Questionnaire to report vulnerability  ~ calculate CVE score. Danno Ferrin
  • Define scoring guidelines for blockchain & non-blockchain projects in Hyperledger Foundation. Hart Montgomery
  • Propose to break the task force activities into multiple work streams. Hart Montgomery Mic Bowman
  • Define threats in each of the defined category, bring it up for discussion. Action: Everyone


  File Modified
Multimedia File GMT20220325-145910_Recording.m4a Mar 25, 2022 by Ry Jones
File GMT20220325-145910_Recording.transcript.vtt Mar 25, 2022 by Ry Jones
Multimedia File GMT20220325-145910_Recording_1724x1176.mp4 Mar 25, 2022 by Ry Jones
Text File GMT20220325-145910_Recording.txt Mar 25, 2022 by Ry Jones