From 022b83240c6d907cd573b0ba8ff2348510c82768 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Thu, 8 Jan 2026 17:25:43 +0000 Subject: [PATCH 1/4] Initial plan From 35f90731ce0b48f3b3c8423675e93bb9046ba6d5 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Thu, 8 Jan 2026 17:28:39 +0000 Subject: [PATCH 2/4] Update SECURITY.md with project-specific information Co-authored-by: jamespepper81 <84083764+jamespepper81@users.noreply.github.com> --- SECURITY.md | 60 ++++++++++++++++++++++++++++++++++++++++++++--------- 1 file changed, 50 insertions(+), 10 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 034e848..e331108 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -2,20 +2,60 @@ ## Supported Versions -Use this section to tell people about which versions of your project are -currently being supported with security updates. +We take security seriously at BitSleuth Wallet. The following versions are currently supported with security updates: | Version | Supported | | ------- | ------------------ | -| 5.1.x | :white_check_mark: | -| 5.0.x | :x: | -| 4.0.x | :white_check_mark: | -| < 4.0 | :x: | +| 1.2.x | :white_check_mark: | +| 1.1.x | :white_check_mark: | +| 1.0.x | :x: | +| < 1.0 | :x: | ## Reporting a Vulnerability -Use this section to tell people how to report a vulnerability. +**Please do not report security vulnerabilities through public GitHub issues.** -Tell them where to go, how often they can expect to get an update on a -reported vulnerability, what to expect if the vulnerability is accepted or -declined, etc. +If you discover a security vulnerability in BitSleuth Wallet, please report it to us privately to help protect our users. + +### How to Report + +Send an email to **security@bitsleuth.ai** with the following information: + +- **Description**: A clear description of the vulnerability +- **Impact**: The potential impact of the vulnerability +- **Steps to Reproduce**: Detailed steps to reproduce the issue +- **Affected Versions**: Which version(s) of the app are affected +- **Suggested Fix**: If you have suggestions for fixing the issue (optional) + +### What to Expect + +- **Acknowledgment**: We will acknowledge receipt of your report within 48 hours +- **Assessment**: We will assess the vulnerability and determine its severity +- **Updates**: You will receive updates on our progress at least every 7 days +- **Resolution**: We aim to resolve critical vulnerabilities within 30 days +- **Credit**: If you wish, we will publicly credit you for the discovery once the issue is resolved + +### Security Best Practices + +BitSleuth Wallet is designed with security as a top priority: + +- **Client-Side Cryptography**: All sensitive operations happen on your device +- **No Cloud Backup**: Your mnemonic seed is the only way to recover your wallet +- **Biometric/PIN Protection**: Device-level authentication required +- **Open Source**: Our code is publicly auditable +- **No Analytics**: We don't track user behavior or collect personal data + +### Scope + +Security issues in scope: +- Cryptographic vulnerabilities in key generation, storage, or transaction signing +- Authentication bypass or privilege escalation +- Data exposure or privacy leaks +- Transaction manipulation or double-spending risks +- Dependency vulnerabilities in critical packages + +Out of scope: +- Social engineering attacks +- Physical device attacks +- Issues in third-party dependencies without direct impact +- UI/UX issues without security impact From 7c285332922166679a69b056b3cbff7cd868648d Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Thu, 8 Jan 2026 17:36:56 +0000 Subject: [PATCH 3/4] Add GitHub issue and pull request templates Co-authored-by: jamespepper81 <84083764+jamespepper81@users.noreply.github.com> --- .github/ISSUE_TEMPLATE/bug_report.yml | 127 +++++++++++++++++++++ .github/ISSUE_TEMPLATE/config.yml | 8 ++ .github/ISSUE_TEMPLATE/documentation.yml | 60 ++++++++++ .github/ISSUE_TEMPLATE/feature_request.yml | 106 +++++++++++++++++ .github/PULL_REQUEST_TEMPLATE.md | 109 ++++++++++++++++++ 5 files changed, 410 insertions(+) create mode 100644 .github/ISSUE_TEMPLATE/bug_report.yml create mode 100644 .github/ISSUE_TEMPLATE/config.yml create mode 100644 .github/ISSUE_TEMPLATE/documentation.yml create mode 100644 .github/ISSUE_TEMPLATE/feature_request.yml create mode 100644 .github/PULL_REQUEST_TEMPLATE.md diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml new file mode 100644 index 0000000..3041f2a --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.yml @@ -0,0 +1,127 @@ +name: ๐Ÿ› Bug Report +description: Report a bug or unexpected behavior in BitSleuth Wallet +title: "[Bug]: " +labels: ["bug", "needs-triage"] +body: + - type: markdown + attributes: + value: | + Thanks for taking the time to report a bug! Please fill out the form below to help us investigate and fix the issue. + + **Before submitting:** + - Search for existing issues to avoid duplicates + - Make sure you're using the latest version of the app + + - type: textarea + id: description + attributes: + label: Bug Description + description: A clear and concise description of what the bug is. + placeholder: Describe the bug... + validations: + required: true + + - type: textarea + id: steps + attributes: + label: Steps to Reproduce + description: Detailed steps to reproduce the behavior + placeholder: | + 1. Go to '...' + 2. Tap on '...' + 3. Scroll down to '...' + 4. See error + validations: + required: true + + - type: textarea + id: expected + attributes: + label: Expected Behavior + description: What did you expect to happen? + placeholder: Describe what you expected... + validations: + required: true + + - type: textarea + id: actual + attributes: + label: Actual Behavior + description: What actually happened? + placeholder: Describe what actually happened... + validations: + required: true + + - type: dropdown + id: platform + attributes: + label: Platform + description: Which platform are you experiencing this issue on? + options: + - iOS + - Android + - Both iOS and Android + validations: + required: true + + - type: input + id: app-version + attributes: + label: App Version + description: Which version of BitSleuth Wallet are you using? + placeholder: e.g., 1.2.1 + validations: + required: true + + - type: input + id: os-version + attributes: + label: OS Version + description: What OS version are you running? + placeholder: e.g., iOS 18.2, Android 14 + validations: + required: true + + - type: input + id: device + attributes: + label: Device + description: What device are you using? + placeholder: e.g., iPhone 15 Pro, Samsung Galaxy S24 + validations: + required: true + + - type: textarea + id: screenshots + attributes: + label: Screenshots / Screen Recording + description: If applicable, add screenshots or screen recordings to help explain the problem. You can drag and drop images here. + placeholder: Drag and drop images or paste URLs here... + + - type: textarea + id: logs + attributes: + label: Error Logs + description: If you have any error messages or crash logs, paste them here. + placeholder: Paste error logs here... + render: shell + + - type: textarea + id: additional + attributes: + label: Additional Context + description: Add any other context about the problem here (wallet type, network conditions, etc.) + placeholder: Any additional information... + + - type: checkboxes + id: terms + attributes: + label: Checklist + description: Please confirm the following + options: + - label: I have searched for existing issues before creating this one + required: true + - label: I am using the latest version of BitSleuth Wallet + required: true + - label: This is not a security vulnerability (those should be reported privately via our Security Policy) + required: true diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml new file mode 100644 index 0000000..a8a1fb2 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -0,0 +1,8 @@ +blank_issues_enabled: false +contact_links: + - name: ๐Ÿ’ฌ Community Discussions + url: https://github.com/BitSleuthAI/Wallet/discussions + about: Ask questions, share ideas, and connect with the community + - name: ๐Ÿ”’ Security Vulnerability + url: https://github.com/BitSleuthAI/Wallet/security/advisories/new + about: Report a security vulnerability privately (DO NOT create a public issue) diff --git a/.github/ISSUE_TEMPLATE/documentation.yml b/.github/ISSUE_TEMPLATE/documentation.yml new file mode 100644 index 0000000..49853bb --- /dev/null +++ b/.github/ISSUE_TEMPLATE/documentation.yml @@ -0,0 +1,60 @@ +name: ๐Ÿ“š Documentation Issue +description: Report an issue with documentation or suggest improvements +title: "[Docs]: " +labels: ["documentation", "needs-triage"] +body: + - type: markdown + attributes: + value: | + Thanks for helping improve our documentation! Please fill out the form below. + + - type: dropdown + id: doc-type + attributes: + label: Documentation Type + description: What type of documentation issue is this? + options: + - README.md + - CONTRIBUTING.md + - Code comments + - API documentation + - Setup/Installation guide + - User guide + - Other + validations: + required: true + + - type: input + id: location + attributes: + label: Location + description: Where is the documentation issue located? + placeholder: e.g., README.md line 50, services/wallet-service.ts + validations: + required: true + + - type: textarea + id: issue + attributes: + label: Issue Description + description: What's wrong with the current documentation? + placeholder: The documentation is unclear/missing/incorrect because... + validations: + required: true + + - type: textarea + id: suggestion + attributes: + label: Suggested Improvement + description: How should the documentation be improved? + placeholder: It would be better if... + validations: + required: true + + - type: checkboxes + id: terms + attributes: + label: Checklist + options: + - label: I have checked that this documentation issue hasn't been reported before + required: true diff --git a/.github/ISSUE_TEMPLATE/feature_request.yml b/.github/ISSUE_TEMPLATE/feature_request.yml new file mode 100644 index 0000000..3318cc3 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.yml @@ -0,0 +1,106 @@ +name: ๐Ÿ’ก Feature Request +description: Suggest a new feature or enhancement for BitSleuth Wallet +title: "[Feature]: " +labels: ["enhancement", "needs-triage"] +body: + - type: markdown + attributes: + value: | + Thanks for suggesting a new feature! Please fill out the form below to help us understand your idea. + + **Before submitting:** + - Search for existing feature requests to avoid duplicates + - Consider discussing your idea in [Discussions](https://github.com/BitSleuthAI/Wallet/discussions) first + + - type: textarea + id: problem + attributes: + label: Problem Statement + description: Is your feature request related to a problem? Please describe the problem you're trying to solve. + placeholder: I'm frustrated when... / It would be helpful if... + validations: + required: true + + - type: textarea + id: solution + attributes: + label: Proposed Solution + description: Describe the solution you'd like to see implemented. + placeholder: I would like to see... + validations: + required: true + + - type: textarea + id: alternatives + attributes: + label: Alternatives Considered + description: Have you considered any alternative solutions or workarounds? + placeholder: I've also thought about... + + - type: dropdown + id: platform + attributes: + label: Platform + description: Which platform(s) should this feature be available on? + options: + - iOS + - Android + - Both iOS and Android + - Web (future) + validations: + required: true + + - type: dropdown + id: priority + attributes: + label: Priority + description: How important is this feature to you? + options: + - Nice to have + - Important + - Critical + validations: + required: true + + - type: textarea + id: use-case + attributes: + label: Use Case + description: Describe your use case. When and how would you use this feature? + placeholder: I would use this feature when... + validations: + required: true + + - type: textarea + id: benefits + attributes: + label: Benefits + description: Who would benefit from this feature? How would it improve the app? + placeholder: This would help users to... + + - type: textarea + id: mockups + attributes: + label: Mockups / Examples + description: If applicable, add mockups, screenshots from other apps, or links to similar implementations. + placeholder: Drag and drop images or paste URLs here... + + - type: textarea + id: technical + attributes: + label: Technical Considerations + description: Are there any technical considerations or constraints we should be aware of? (Optional) + placeholder: This might require... + + - type: checkboxes + id: terms + attributes: + label: Checklist + description: Please confirm the following + options: + - label: I have searched for existing feature requests before creating this one + required: true + - label: This feature aligns with the project's goals (self-custody, privacy, security) + required: true + - label: I would be willing to help implement or test this feature + required: false diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 0000000..6120d1e --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,109 @@ +## Description + + + +## Type of Change + + + +- [ ] ๐Ÿ› Bug fix (non-breaking change which fixes an issue) +- [ ] โœจ New feature (non-breaking change which adds functionality) +- [ ] ๐Ÿ’ฅ Breaking change (fix or feature that would cause existing functionality to not work as expected) +- [ ] ๐Ÿ“š Documentation update +- [ ] ๐ŸŽจ UI/UX improvement +- [ ] โ™ป๏ธ Code refactoring (no functional changes) +- [ ] โšก Performance improvement +- [ ] ๐Ÿ”’ Security improvement +- [ ] ๐Ÿงช Test coverage improvement +- [ ] ๐Ÿ”ง Build/CI improvement + +## Related Issue + + + +Fixes # + +## Changes Made + + + +- +- +- + +## Screenshots / Videos + + + + +### iOS + + +### Android + + +## Testing Performed + + + +### Manual Testing +- [ ] Tested on iOS (version: ) +- [ ] Tested on Android (version: ) +- [ ] Tested wallet creation flow +- [ ] Tested transaction sending/receiving +- [ ] Tested with different wallet types +- [ ] Tested biometric/PIN authentication + +### Automated Testing +- [ ] All existing tests pass (`npm run lint`) +- [ ] Added new tests for new functionality +- [ ] Tested on both light and dark themes + +## Security Considerations + + + +- [ ] No sensitive data is logged or exposed +- [ ] Private keys/mnemonics remain client-side only +- [ ] No new analytics or tracking added +- [ ] Cryptographic operations reviewed (if applicable) +- [ ] Input validation implemented (if applicable) + +## Performance Impact + + + +- [ ] No significant performance impact +- [ ] Performance improvement (describe below) +- [ ] Potential performance impact (describe and justify below) + +## Breaking Changes + + + +## Deployment Notes + + + +## Checklist + + + +- [ ] My code follows the project's code style guidelines +- [ ] I have performed a self-review of my own code +- [ ] I have commented my code, particularly in hard-to-understand areas +- [ ] I have made corresponding changes to the documentation +- [ ] My changes generate no new warnings or errors +- [ ] I have tested my changes on both iOS and Android (if applicable) +- [ ] I have checked that my changes don't introduce security vulnerabilities +- [ ] I have updated the CHANGELOG.md (if applicable) +- [ ] All files are in the correct directories per CONTRIBUTING.md guidelines +- [ ] No secrets, API keys, or sensitive data are committed + +## Additional Notes + + + +--- + + From 15043a87cd1ca34d3bc37c1ff4d7e6905a99e1c8 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Thu, 8 Jan 2026 17:39:03 +0000 Subject: [PATCH 4/4] Fix PR template: separate linting from testing checklist Co-authored-by: jamespepper81 <84083764+jamespepper81@users.noreply.github.com> --- .github/PULL_REQUEST_TEMPLATE.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index 6120d1e..72da6e4 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -55,7 +55,8 @@ Fixes # - [ ] Tested biometric/PIN authentication ### Automated Testing -- [ ] All existing tests pass (`npm run lint`) +- [ ] Linting passes (`npm run lint`) +- [ ] All existing tests pass (if test suite exists) - [ ] Added new tests for new functionality - [ ] Tested on both light and dark themes