- Introduced Aggregator.sol for Chainlink-compatible oracle functionality, including round-based updates and access control. - Added OracleWithCCIP.sol to extend Aggregator with CCIP cross-chain messaging capabilities. - Created .gitmodules to include OpenZeppelin contracts as a submodule. - Developed a comprehensive deployment guide in NEXT_STEPS_COMPLETE_GUIDE.md for Phase 2 and smart contract deployment. - Implemented Vite configuration for the orchestration portal, supporting both Vue and React frameworks. - Added server-side logic for the Multi-Cloud Orchestration Portal, including API endpoints for environment management and monitoring. - Created scripts for resource import and usage validation across non-US regions. - Added tests for CCIP error handling and integration to ensure robust functionality. - Included various new files and directories for the orchestration portal and deployment scripts.
106 lines
2.8 KiB
Markdown
106 lines
2.8 KiB
Markdown
# Phishing Detection Check
|
|
|
|
Guide for checking and maintaining phishing detection status for ChainID 138 domains.
|
|
|
|
## Domains to Check
|
|
|
|
### Primary Domains
|
|
|
|
- `d-bis.org` - Main domain
|
|
- `rpc.d-bis.org` - RPC endpoint
|
|
- `rpc2.d-bis.org` - Secondary RPC endpoint
|
|
- `explorer.d-bis.org` - Blockscout explorer
|
|
|
|
### Subdomains
|
|
|
|
- `www.d-bis.org` - Website (if applicable)
|
|
- `api.d-bis.org` - API endpoint (if applicable)
|
|
- `status.d-bis.org` - Status page (if applicable)
|
|
|
|
## Phishing Detection Repositories
|
|
|
|
### MetaMask eth-phishing-detect
|
|
|
|
- **Repository**: [MetaMask/eth-phishing-detect](https://github.com/MetaMask/eth-phishing-detect)
|
|
- **Purpose**: Domain allowlist/denylist for MetaMask
|
|
- **Check**: Verify domains are not flagged
|
|
- **Action**: Submit PR if false positive
|
|
|
|
### How to Check
|
|
|
|
1. **Check Repository**: Check eth-phishing-detect repository
|
|
2. **Search Domains**: Search for your domains
|
|
3. **Verify Status**: Verify domains are not in denylist
|
|
4. **Report Issues**: Report false positives if found
|
|
|
|
## False Positive Reporting
|
|
|
|
### Process
|
|
|
|
1. **Identify False Positive**: Domain incorrectly flagged
|
|
2. **Create Issue**: Create issue on eth-phishing-detect repository
|
|
3. **Provide Evidence**: Provide evidence domain is legitimate
|
|
4. **Wait for Review**: Wait for maintainer review
|
|
5. **Follow Up**: Follow up if needed
|
|
|
|
### Issue Template
|
|
|
|
```markdown
|
|
## False Positive Report
|
|
|
|
**Domain**: d-bis.org
|
|
**ChainID**: 138
|
|
**Network**: DeFi Oracle Meta Mainnet
|
|
|
|
## Evidence
|
|
|
|
- Official documentation: https://github.com/Defi-Oracle-Tooling/smom-dbis-138
|
|
- Explorer: https://explorer.d-bis.org
|
|
- RPC: https://rpc.d-bis.org
|
|
|
|
## Request
|
|
|
|
Please remove d-bis.org from the phishing denylist as it is a legitimate domain for ChainID 138.
|
|
```
|
|
|
|
## Domain Security
|
|
|
|
### Best Practices
|
|
|
|
1. **Use HTTPS**: Always use HTTPS for all domains
|
|
2. **Valid SSL Certificates**: Ensure valid SSL certificates
|
|
3. **Domain Security**: Implement domain security (DNSSEC, etc.)
|
|
4. **Monitor**: Monitor for domain spoofing
|
|
5. **Report**: Report suspicious domains
|
|
|
|
### SSL Certificates
|
|
|
|
- **Provider**: Cloudflare
|
|
- **Type**: SSL/TLS certificates
|
|
- **Validity**: Auto-renewed
|
|
- **Monitoring**: Monitor certificate expiration
|
|
|
|
## Monitoring
|
|
|
|
### Regular Checks
|
|
|
|
- [ ] Check eth-phishing-detect monthly
|
|
- [ ] Verify domains are not flagged
|
|
- [ ] Monitor for domain spoofing
|
|
- [ ] Report false positives immediately
|
|
- [ ] Update domain security as needed
|
|
|
|
### Alerts
|
|
|
|
- Set up alerts for domain changes
|
|
- Monitor for phishing attempts
|
|
- Track domain reputation
|
|
- Monitor SSL certificate status
|
|
|
|
## References
|
|
|
|
- [eth-phishing-detect](https://github.com/MetaMask/eth-phishing-detect)
|
|
- [MetaMask Security](https://support.metamask.io/hc/en-us/articles/4427602331163)
|
|
- [Phishing Prevention](https://support.metamask.io/hc/en-us/articles/4427602331163)
|
|
|