Project Resources

3 min readContributor · Operator candidatev0.9.0aN alpha

What this page covers

Stigmem is in the v0.9.0aN alpha line: useful for review, adapter work, single-organization experiments, and external validation, but not yet recommended for production cross-organization federation.

The most valuable contributions right now are small, evidence-producing improvements.

That make the protocol more testable, auditable, and easier to adopt.

Audience: potential contributors, engineers, security researchers, applied researchers, and candidate operators.

Contributor entry points

Path

Start here

Good first work

Reference node

Architecture

Focused tests, docs corrections, small route/CLI fixes.

Federation

Federated network

Scope/audit examples, demo polish, conformance gaps.

Security review

Security architecture

Evidence links, runbook clarity, safe test cases.

Plugin ecosystem

Plugin author guide

Plugin docs examples, lifecycle tests, fixture improvements.

Docs and onboarding

Contributing

Glossary entries, quickstart troubleshooting, issue-template polish.

Starter work is labeled good first issue. Pick one issue, keep the PR narrow, and include the focused validation you ran.

Demos to run first

From a repository checkout:

make demo
make demo-attack

Command

Demonstrates

What you'll see

make demo

happy path

Starts two local nodes, registers them as peers, asserts a fact on node A, verifies replication on node B, prints federation audit entries, and tears the cluster down.

make demo-attack

adversarial

Demonstrates malicious-peer rejection: unauthorized scope writes and source-forged facts are rejected, audited, and not stored.

Operator validation

Teams interested in running a node during external validation should open an operator candidate issue.

Keep infrastructure details, secrets, and private organization data out of the public issue.

The public thread should describe the validation shape and the questions you want to answer.

Security research

Security researchers should read SECURITY.md before filing anything.

Public OK

Security documentation, safe-harbor questions, or already-public advisory follow-up.

Private only

Active vulnerabilities, exploit details, secrets, and private operator findings.

Community norms

Stigmem is an open protocol project. All contributors and collaborators are expected to follow the Code of Conduct.

Key principles:

Spec changes go through RFC

Wire format, namespace, and federation semantics changes require review before merging.

Evidence beats claims

Prototypes, tests, reproducible demos, and conformance vectors are more persuasive than prose alone.

Protocol-layer focus

Stigmem provides a shared substrate; adapters and agent tools build on top of it.