sync with main

Ilaria Enache · Ilaria Enache · commit 858710a41700 · 2024-07-31T15:52:58.000+02:00
diff --git a/learn/introduction.md b/learn/introduction.md
@@ -0,0 +1,73 @@
+---
+title: Introduction to Wormhole
+description: Wormhole is a protocol for seamless communication between blockchains, enabling cross-chain applications and integrations.
+---
+<!-- 
+some links are blank because not all the pages are created yet
+also missing the list of blockchains 
+
+!!! No need to put all links in bold : check the rest
+-->
+# Introduction to Wormhole
+
+Wormhole is a generic _message-passing protocol_ that enables communication between blockchains.
+
+![Message-passing process in the Wormhole protocol](/images/learn/introduction/simple-overview.webp)
+
+!!! note
+    The above is an oversimplified illustration of the protocol; details about the architecture and components are available on the [architecture page](#){target=\_blank}.
+This simple message-passing protocol allows developers and users of cross-chain applications to leverage the advantages of multiple ecosystems.
+
+## What Isn't Wormhole?
+
+- **Wormhole is _not_ a blockchain** - it provides a means of communication between blockchains or rollups
+
+- **Wormhole is _not_ a token bridge** - however, there are [protocols built on Wormhole](https://portalbridge.com/#/transfer){target=\_blank} that serve this purpose
+
+## What Can Wormhole Be Used For?
+
+Consider the following examples of potential applications enabled by Wormhole:
+
+- **Cross-Chain Exchange** - using [Wormhole Connect](#){target=\_blank}, developers can build exchanges that allow deposits from any Wormhole-connected chain, significantly increasing liquidity access
+- **Cross-Chain Governance** - NFT collections on different networks can use Wormhole to communicate votes cast on their respective chains to a designated "voting" chain for combined proposals
+- **Cross-Chain Game** - games can be developed on a performant network like Solana, with rewards issued as NFTs on another network, such as Ethereum
+
+## Get Started
+
+### Quick Start Tutorials
+
+Tutorials are available to get started quickly and explain the concepts involved.
+
+- **[Quick Start - Off Chain](#){target=\_blank}** - integrate Wormhole Connect into a new or existing web UI
+- **[Quick Start - On Chain](#){target=\_blank}** - send your first cross-chain message
+
+More tutorials are available [on github](#){target=\_blank}. <!-- tutorials will be on the docs site -->
+
+## Explore
+
+Discover more about the Wormhole ecosystem, components, and protocols:
+
+- **[Architecture](#){target=\_blank}** - explore the components of the protocol
+- **[Protocol Specifications](https://github.com/wormhole-foundation/wormhole/tree/main/whitepapers){target=\_blank}** - learn about the protocols built on top of Wormhole
+
+## Demos
+
+Demos offer more realistic implementations than tutorials:
+
+- **[Wormhole Scaffolding](https://github.com/wormhole-foundation/wormhole-scaffolding){target=\_blank}** - quickly set up a project with the Scaffolding repo
+- **[xDapp Book Projects](https://github.com/wormhole-foundation/xdapp-book/tree/main/projects){target=\_blank}** - run and learn from example programs
+
+More demos are available in the [demos page](#){target=\_blank}.
+
+!!! note
+    Wormhole Integration Complete?
+
+    Let us know so we can list your project in our ecosystem directory and introduce you to our global, multichain community!
+
+    **[Reach out now!](https://forms.clickup.com/45049775/f/1aytxf-10244/JKYWRUQ70AUI99F32Q){target=\_blank}**
+
+## Supported Blockchains
+
+Wormhole supports a growing number of blockchains.
+
+<!-- List of Blockchains here -->
diff --git a/learn/security.md b/learn/security.md
@@ -0,0 +1,118 @@
+---
+title: Security
+description: Explore Wormhole's security features, including the Guardian network, governance, monitoring, open-source development, and bug bounty programs.
+---
+<!--
+some missing links will need to be added when pages are created
+-->
+# Security
+
+## Core Security Assumptions
+
+At its core, Wormhole is secured by a network of [Guardian](#){target=\_blank} nodes that validate and sign messages. If a super majority (e.g., 13 out of 19) of Guardians sign the same message, it can be considered valid. A smart contract on the target chain will verify the signatures and format of the message before approving any transaction.
+
+- Wormhole's core security primitive is its signed messages (signed VAAs)
+- The Guardian network is currently secured by a collection of 19 of the world's top [validator companies](https://wormhole-foundation.github.io/wormhole-dashboard/#/?endpoint=Mainnet){target=\_blank}
+- Guardians produce signed state attestations (signed VAAs) when requested by a Core Contract integrator
+- Every Guardian runs full nodes (rather than light nodes) of every blockchain in the Wormhole network, so if a blockchain suffers a consensus attack or hard fork, the blockchain will disconnect from the network rather than potentially produce invalid signed VAAs
+- Any Signed VAA can be verified as authentic by the Core Contract of any other chain
+- Relayers are considered untrusted in the Wormhole ecosystem
+
+In summary:
+
+- **Core integrators aren't exposed to risk from chains and contracts they don't integrate with**
+- By default, you only trust Wormhole's signing process and the core contracts of the chains you're on
+- You can expand your contract and chain dependencies as you see fit
+
+Core assumptions aside, many other factors impact the real-world security of decentralized platforms. Here is more information on additional measures that have been put in place to ensure the security of Wormhole.
+
+## Guardian Network
+
+Wormhole is an evolving platform. While the Guardian set currently comprises 19 validators, this is a limitation of current blockchain technology.
+
+### Governance
+
+Governance is the process through which contract upgrades happen. Guardians manually vote on governance proposals that originate inside the Guardian Network and are then submitted to ecosystem contracts.
+
+This means that governance actions are held to the same security standard as the rest of the system. A two-thirds supermajority of the Guardians is required to pass any governance action.
+
+Governance messages can target any of the various wormhole modules, including the core contracts and all currently deployed token bridge contracts. When a Guardian signs such a message, its signature implies a vote on the action in question. Once more than two-thirds of the Guardians have signed, the message and governance action are considered valid.
+
+All governance actions and contract upgrades have been managed via Wormhole's on-chain governance system.
+
+Via governance, the Guardians can:
+
+- Change the current Guardian set
+- Expand the Guardian set
+- Upgrade ecosystem contract implementations
+
+The governance system is fully open source in the core repository. See the [Open Source section](#){target=\_blank} for contract source.
+
+## Monitoring
+
+A key element of Wormhole's defense-in-depth strategy is that each Guardian is a highly competent validator company with its own in-house processes for running, monitoring, and securing blockchain operations. This heterogeneous approach to monitoring increases the likelihood that fraudulent activity is detected and reduces the number of single failure points in the system.
+
+Guardians are not just running Wormhole validators; they're running validators for every blockchain inside of Wormhole as well, which allows them to perform monitoring holistically across decentralized computing rather than just at a few single points.
+
+Guardians monitor:
+
+- Block production and consensus of each blockchain - if a blockchain's consensus is violated, it will be disconnected from the network until the Guardians resolve the issue
+- Smart contract level data - via processes like the Governor, Guardians constantly monitor the circulating supply and token movements across all supported blockchains
+- Guardian level activity - the Guardian Network functions as an autonomous decentralized computing network, complete with its blockchain ([Gateway](#){target=\_blank})
+
+## Gateway And Asset Layer Protections
+
+One of the most powerful aspects of the Wormhole ecosystem is that Guardians effectively have the entire state of DeFi available to them.
+
+Gateway is a Cosmos-based blockchain that runs internally to the Guardian network, whereby the Guardians can effectively execute smart contracts against the current state of all blockchains rather than just one blockchain.
+
+This enables additional protection for the Wormhole Asset Layer in addition to the core assumptions:
+
+- **Global Accountant** - the accountant tracks the total circulating supply of all Wormhole assets across all chains and prevents any blockchain from bridging assets which would violate the supply invariant
+
+In addition to the Global Accountant, Guardians may only sign transfers that do not violate the requirements of the Governor. The [Governor](https://github.com/wormhole-foundation/wormhole/blob/main/whitepapers/0007_governor.md){target=\_blank} tracks inflows and outflows of all blockchains and delays suspicious transfers that may indicate an exploit.
+
+## Open Source
+
+Wormhole builds in the open and is always open source.
+
+- **[Wormhole core repository](https://github.com/wormhole-foundation/wormhole){target=\_blank}**
+- **[Wormhole Foundation GitHub organization](https://github.com/wormhole-foundation){target=\_blank}**
+- **[Wormhole contract deployments](#){target=\_blank}** <!-- link to core contracts page-->
+
+## Audits
+
+Wormhole has been heavily audited, with _29 third-party audits completed_ and more started.
+
+Wormhole has had audits performed by the following firms, and continues to seek more:
+
+- Trail of Bits
+- Neodyme
+- Kudelski
+- OtterSec
+- Certik
+- Hacken
+- Zellic
+- Coinspect
+- Halborn
+
+[The most up-to-date list of audits, as well as the final reports](https://github.com/wormhole-foundation/wormhole/blob/main/SECURITY.md#3rd-party-security-audits){target=\blank}.
+
+## Bug Bounties
+
+Wormhole has one of the largest bug bounty programs in software development and has repeatedly shown commitment to engaging with the white hat community.
+
+Wormhole hosts two bug bounty programs:
+
+- An [Immunefi](https://immunefi.com/bug-bounty/wormhole/){target=\blank} program 
+- As well as a [self-hosted program](https://immunefi.com/bug-bounty/wormhole/){target=\blank}
+
+Both platforms have a top payout of _2.5 million dollars_.
+
+If you are interested in contributing to Wormhole security, please look at this section for [Getting Started as a White Hat](https://github.com/wormhole-foundation/wormhole/blob/main/SECURITY.md#white-hat-hacking){target=\blank}, and follow the [Wormhole Contributor Guidelines](https://github.com/wormhole-foundation/wormhole/blob/main/CONTRIBUTING.md){target=\blank}.
+
+For more information about submitting to the bug bounty programs, refer to the [Wormhole Immunefi page](https://immunefi.com/bug-bounty/wormhole/){target=\blank}.
+
+## Learn More
+
+The [SECURITY.md](https://github.com/wormhole-foundation/wormhole/blob/main/SECURITY.md){target=\blank} from the official repository has the latest security policies and updates.
