Project Health
The project health is currently shaky. The reason for this being that we have decreased our recruitment efforts that we mentioned in the last report and have not gained any new maintainers or contributors. We have done this on purpose since we are currently handling a major security vulnerability and can't discuss it with larger groups and have used the time of the core maintainers to take care of this issue. We will not discuss the vulnerability in this report as it is currently confidential and has not been publicly released as a github CVE. After these efforts are merged we hope to continue our recruitment of new maintainers and contributors to further along operation Oso (code refactoring).
There are no issues at this time.
No releases have been made this quarter but we hope to get some out soon for URSA-base after the pull request is reviewed and merged. Again this is a lower priority than the current security vulnerability.
We have made significant changes to the Anoncreds documents. This adds a new revision and accounts for parts that were not accounted in the original paper. There also is a pull request for the first step in our refactoring efforts that creates all the base code and helper functions to create the rest of URSA. We hope to have this reviewed and merged soon.
As it was mentioned before we hope to have the high risk vulnerability fixed and released. All the planning and coordination for these efforts have been completed. The next task is to finish and review the code and that should be done in the next few months. After this is completed the next step is to finish another section of the Ursa refactoring. This will probably be the ursa-signatures part of the refactoring. This will greatly help out Indy and others who depend heavily on URSA for it's cryptographic key tools.