CodeQuill is a decentralized registry for repositories, snapshots, and supply-chain attestations. It leverages EIP-712 delegations to enable a secure relayer-mediated workflow, allowing repository owners to authorize specific actions (claiming repos, creating snapshots, or signing attestations) without requiring them to be online for every transaction.
- CodeQuillDelegation: Context-scoped delegation (owner -> relayer) for granular permissions (scopes) bound to a workspace.
- CodeQuillWorkspaceRegistry: Manages workspace membership and authority, anchoring wallets to context identifiers.
- CodeQuillRepositoryRegistry: Repository claim registry (repoId -> owner) with context-scoped relayer support.
- CodeQuillSnapshotRegistry: Lightweight snapshotting via Merkle roots and off-chain git commit metadata.
- CodeQuillReleaseRegistry: Anchors immutable project releases referencing snapshots with integrated governance.
- CodeQuillPreservationRegistry: Optional registry for anchoring encrypted preservation archives bound to snapshots.
- CodeQuillAttestationRegistry: Records supply-chain attestations (sha256 artifact digests) bound to on-chain releases.
For more detailed information on the project's structure and security model, please refer to:
npx hardhat build
npx hardhat test
npx hardhat test --coverage
npx hardhat keystore set SEPOLIA_RPC
npx hardhat keystore set DEPLOYER_PK
npx hardhat ignition deploy ignition/modules/Codequill.ts --network sepolia
npm run generate-abi
To verify contract source code on block explorers (like Etherscan) using the Standard-Json-Input method:
- Generate the Standard-Json-Input files:
npm run generate-standard-json
- The generated files will be located in the
standard-json-input/folder. - On the block explorer's verification page, select Standard-Json-Input as the compiler type.
- Upload the corresponding
.standard-input.jsonfile for your contract.