diff --git a/blog/2023-06-15-june.md b/blog/2023-06-15-june.md
new file mode 100644
index 0000000000..25c48ebd8f
--- /dev/null
+++ b/blog/2023-06-15-june.md
@@ -0,0 +1,176 @@
+---
+slug: 2023-06-15-june
+title: "Mandala Metaverse"
+authors:
+ name: Denicio Bute
+ title: Community Manager - Cardano Foundation
+ url: https://github.com/weqanhet
+ image_url: https://avatars.githubusercontent.com/u/61522394?v=4
+tags: [nft, story telling, metaverse, interview]
+description: "Most stories today are not creating a positive global culture or envisioning a sustainable future for the next seven generations. Video games are violent, social media is toxic, and TV content is dumbing us down. Mandala aims to change this! In the following interview, the team explains how they aim to create a positive global culture and envision a sustainable future by offering a new narrative that breaks away from the negative influences of current media. Their multiverse incorporates a variety of mythologies, inviting audiences to participate actively and make a difference. Through existing distribution platforms, Mandala seeks to broaden worldviews and catalyze a cultural shift during a critical time in human entertainment."
+image: https://developers.cardano.org/img/og/og-blog-mandala.png
+---
+
+import ThemedImage from '@theme/ThemedImage';
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+ [](https://enterthemandala.com/)
+
+Most stories today are not creating a positive global culture or envisioning a sustainable future for the next seven generations. Video games are violent, social media is toxic, and TV content is dumbing us down. Mandala aims to change this! In the following interview, the team explains how they aim to create a positive global culture and envision a sustainable future by offering a new narrative that breaks away from the negative influences of current media. Their multiverse incorporates a variety of mythologies, inviting audiences to participate actively and make a difference. Through existing distribution platforms, Mandala seeks to broaden worldviews and catalyze a cultural shift during a critical time in human entertainment.
+
+
+
+
+
+**_Could you kindly introduce yourselves?_**
+
+Mandala’s crossmedia special forces team consists of creators, executives, and advisors from some of the most successful IP franchises (The Blair Witch Project, Harry Potter, Star Wars, Avatar). Mandala manages creative content production through strategic partnerships with best-of-breed companies in each vertical via an innovative, decentralized Round Table model (Liontree Advisors, Mindmaze, SingularityNet, SophiaVerse, Immutable X, Dark Horse Comics).
+
+At the helm are the creators Jon Shanker (CEO) and Dr. Albion M. Butters (CCO), Kevin J. Foxe (Executive Producer of The Blair Witch Project and now Mandala), and Cardano developer Mike Bakon (CTO). Each brings different strengths to this ambitious crossmedia project.
+
+
+
+
+**_Hello, Mandala! It's great to connect with you today. We're excited to hear more about Mandala Metaverse. Can you give us an overview of the project and the issues it aims to tackle?_**
+
+Mandala is a crossmedia franchise that leverages the intersection of entertainment, technology and self-transformation via graphic novels, Web3, streaming TV, and gaming, all of which creatively converge with the real world.
+
+Most stories today are not creating a positive global culture or envisioning a sustainable future for the next seven generations. Video games are violent, social media is toxic, and TV content is dumbing us down. Hollywood and Web2 are broken.
+
+Mandala gives the world a new story—in a new way.
+
+- Mandala’s multiverse weaves many of the world’s mythologies into a universal story we are all a part of.
+- Mandala’s crossmedia immersiveness and interactivity invite people into the story to wake up and make a difference.
+- Mandala uses existing distribution platforms to share a meaningful experience with a global audience yearning for real content.
+
+Mandala’s solution is to broaden the audience’s worldview and shift the culture at a critical time in human evolution. If enough of us wake up, we all wake up.
+
+“We’re not on our journey to save the world but to save ourselves. But in doing that you save the world.” – Joseph Campbell
+
+
+
+
+**_Can you help us understand the concept of a metaverse and how the Mandala Metaverse sets itself apart from others in the space?_**
+
+Our end goal is not only entertainment but something bigger, extending from the personal to the global. Imagine a metaverse that not only simulates the individual path to enlightenment but the collective one too, alchemically marrying ancient wisdom and bleeding-edge technology to unleash the potential of human consciousness for good. Imagine a metaverse with a contemporary metanarrative and story woven from the mythological archives to help inspire the global awakening already afoot, in which the world becomes the game board and you become the hero, playing your part in creating a sustainable reality for future generations and the Earth, for real. Imagine, for a moment, a metaverse where fiction becomes reality.
+
+We are building interoperably with SophiaVerse (SingularityNet’s metaverse), having formed a Joint Venture for a Metaverse Company to provide the decentralized tools and tech stack required to build AAA interoperable metaverses. While we may use the word “metaverse” in a shorthand way to describe our individual games and projects, we all know that there is only one metaverse—that is why we’re working with SingularityNet and SophiaVerse to help build the open, decentralized one from the bottom up, versus a centralized Meta. Similarly, this will support SingularityNet in its mission with Cardano to realize a decentralized AGI versus a centralized one.
+
+Rather than just making an Unreal Engine trailer for gameplay that will not be released for a number of years, we took a more gradual path of developing a decentralized application (Clan dApp) and building the infrastructure for more robust gameplay to sit on. We have also focused on identity as primary, not land or environments, as the starting point of a free metaverse is the sovereign individual. For this reason, we paired our Sovereigns NFT collection on Cardano with a Decentralized Identifier (DID) solution in the creation of Avatar profiles in our dApp. This will allow users to control and own their own data.
+
+
+
+
+**_What's the origin story behind the Mandala Metaverse?_**
+
+Mandala dates back to when its creators were at Harvard, studying comparative mythologies and realizing that diverse paths from the various wisdom traditions could be shared with a broader audience in the form of a game. We imagined an “Enlightenment Simulator” and how the story would play across other media platforms, like TV and comics. Kevin joined the team at New York Comic Con during the Dark Horse release of the Mandala graphic novel, and our journey to infiltrate Hollywood began. This led to developing Mandala with a major Hollywood studio, where it was going to be the first IP produced across all media verticals at once.
+
+When a telecom giant came in to buy the studio—talk about centralization!—we decided it was best to leave, taking our IP with us. This led us to the blockchain space and attending the Cardano Summit in Wyoming. Ultimately, we are now building a decentralized studio model, producing our project independently and involving the audience in the story in ways we once only dreamed of.
+
+
+
+
+**_What motivated you to launch your project on the Cardano blockchain?_**
+
+Multiple aspects drew us to Cardano before other chains: its long-term technological approach to blockchain (evidenced in Charles’ seminal whiteboard presentation); the eUTxO scalability that we will be implementing in our online games; our synergy with the ethos of sovereignty, decentralization, interoperability, and using tech to make the world a better place; and the warmth with which we were welcomed by the Cardano community. Our decentralized studio model includes audience participation in the narrative, and Mandala’s IP is uniquely suited to help this new paradigm reach mass adoption.
+
+
+
+
+**_Looking ahead, how do you envision your project making a difference in the crypto ecosystem or the world at large?_**
+
+This is the kind of question we love! Mandala’s big vision is to effect real world change by providing a participatory entertainment experience for people to wake up—whatever that means for them. The Enlightenment Simulator includes a number of approaches to changing the world for the better.
+
+These are presented as game-like paths, based on twelve different clans that figure into the Mandala story and our Sovereigns NFT collection on Cardano. Folks are introduced to these paths in Mandala’s [Clan dApp](https://enterthemandala.app), where they can stake their Sovereigns with a pool that supports the mission of their chosen clan. We believe that supporting SPOs in their visions for change and giving their delegators a gamified experience can also serve as a way to onboard new people into Cardano and drive decentralization.
+
+As the Mandala community grows—and more ways for them to engage come online, from multichain interoperability to development in the AI space—it promises to get very exciting. Mandala’s story of awakening pushes both the limits of crypto on a utility level and what we perceive our human potential to be, epitomized in Mandala’s upcoming story-driven token-generation event (TGE) called the Sacrifice. Rather than giving preferential treatment to VCs, NFT holders and their networks are given the opportunity to participate first. More on the Sacrifice soon…
+
+
+
+
+**_So far, what achievements have you reached and which of them are you most proud of?_**
+
+Our Mandala Dark Horse Comics graphic novel garnered a cult following—and even predicted the future! Getting a deal with one of the biggest Hollywood studios in the world was a great achievement, but walking away from it based on our principles was an even bigger one. It was this that opened a door to the power of the blockchain.
+
+We were fortunate to find a crypto community of builders in Cardano committed to decentralization. In this regard, we have worked to decentralize our Clan dApp. It uses Kupo, a Cardano UTXO indexer, which connects to a Cardano node. The dApp also has a built-in network settings area for users to provide their own endpoint for the indexer. To help our users set up their own Cardano infrastructure for this dApp, we created a small tool called [Noderunner](https://github.com/mandalaverse/noderunner), which runs on Debian-flavor Linux distros to make it easier to spin up Kupo, a Cardano node, and other various tools like IPFS and Carp by dcSpark.
+
+Extending from our base in Cardano, we have also proceeded to go multichain with our NFTs, introducing collections on Ethereum and Polkadot. This underlines our effort to gather the chains in one unified community—aka the “rebel alliance”—working together to build a new parallel system that will benefit everyone and not just a few. Mandala’s Clan dApp is one of the first to integrate the three chains started by the original founders of Ethereum.
+
+
+
+
+**_What does the future hold for your project? Can you share some insights about the Clan App?_**
+
+We are co-creating this project with the audience, and so their participation is a determining factor in our roadmap and pace of production. The metaverse and AI represent the new frontier, and we will all need to navigate the changing tides as we pioneer together. From long-term business relationships to the range of existing strategic partnerships in our innovative Round Table model (see our Blueprint at https://enterthemandala.com), Mandala is positioned for explosive growth on the global stage.
+
+The Clan dApp was originally built for Cardano stakepool operators, in order to provide them with a user-friendly way to promote their mission, grow their pool, and even onboard new people into the blockchain space. All pools are welcome to join the Mandala, free of charge, by choosing the clan that is best aligned with their mission to make the world a better place. Gamification of stakepool growth is synergistic with growing the Mandala and promoting real change. Other features of the Clan dApp currently include:
+
+- Staking NFTs for rewards
+- Identity creation (Avatar profile and DIDs)
+- Story-driven community-building (Clans, Cells, Fellowships)
+- Lightweight, strategic gameplay (battle between Light and Shadow)
+- Gated integration with Discord
+- Multichain NFT collections
+- Deep lore with rabbit holes
+
+For more, check out our [GitBook](https://the-thirteen.gitbook.io/mandala-metaverse/mandala-metaverse/mandala-clan-app).
+
+Going forward, we are going to be making the Clan dApp more and more decentralized by driving all our profile data to use NFTs that follow the CIP-68 standard and converting our currently minted NFTs that are using CIP25 to CIP68 in a gamified way. Our rewards system will also be fully on-chain—and turning our reward points into on-chain assets which then can be utilized to claim rewards in our rewards redemption center operated by Cardano smart contracts will fully decentralize our dApp. It is open source for others to use.
+
+The Clan dApp will scale into the AR geo-location mobile game, even as we begin production of the first characters and environments in the Unreal Engine for the MMO. Expect digital content from us and SophiaVerse coming soon, as well as AI NPCs (non-player characters) with SingularityNet.
+
+
+
+
+**_Can you tell us about the partnerships you've established so far, and which ones have had the most significant impact?_**
+
+When we first arrived in Cardano, there was a lot of synergy. We met the folks at Gimbalabs, as well as Chris Liberty, Ray of Grow Pool, and a host of other OGs. Shortly thereafter, Josh Miller kindly introduced us to NMKR. In turn, NMKR introduced us to IAMX, who we partnered with for our DID solution. We have another DID solution with a stealth partner we met at the Cardano Summit in Wyoming. More about that coming soon.
+
+Our joint venture and Metaverse Company with SingularityNet / Sophiaverse opens unimaginable possibilities for our continued development on Cardano. SophiaVerse is an environment for baby AGIs to be trained, and Mandala is the Enlightenment Simulator for Sophia and evolving AGIs to become conscious and reach self-awareness alongside human players. Our combined tech stack will be made available to other metaverse projects.
+
+LionTree Advisors is one of the most prominent boutique banks in the world, handling most of the large merger and acquisition transactions in the media space. They bring a wealth of relationships on the legacy media side.
+
+MindMaze is a leader in digital neurotherapeutics. To date they have been focused on evidence-driven therapy and an assessment portfolio powered by medical-grade software, tailored interactive content, and proprietary peripherals. Mandala’s Enlightenment Simulator will be the gold standard for their brainwave tech in the metaverse space.
+On the Ethereum side, we are partnered with Immutable X, who in turn has partnered with Polygon with a zkEVM solution for AAA gaming. We plan on working with Milkomeda to connect Cardano and Ethereum for interoperability in our metaverse. And as another portal solution, RMRK is a partner in Polkadot and Ethereum with an innovative NFT 2.0 standard that is pushing the envelope for gaming. Along with CIP-68 on Cardano, we will have laid the multichain and interoperable foundation for NFT 2.0 standards as we scale gameplay into mobile and Unreal Engine environments.
+
+
+
+
+**_We'd love to learn more about your team. Who are the key individuals behind the Mandala Metaverse?_**
+
+Our core team is nimble—think special forces unit!—in order to steward production with our various strategic partners executing on different pieces of the IP.
+
+- **Jon Shanker**, Founder & CEO: BA in Comparative Study of Religion (Harvard), lineage holder in multiple spiritual traditions
+- **Dr. Albion Butters**, Founder & CCO: Masters of Theological Studies (Harvard), PhD (Columbia University), Fulbright scholar, author
+- **Kevin J. Foxe**, Executive Producer & CMO: Executive Producer of The Blair Witch Project; Founding Chair of the Producers Guild New Media Council
+- **Mike Bakon**, CTO: Veteran developer on multiple blockchains
+- **Cal Evans**, Legal: Founder and CEO, Gresham International, expertise in ICO compliance and strategy in cryptocurrency
+- **Stuart Moore**, Writer: Founding editor of DC / Vertigo Comics, writer for Marvel and DC
+- **Bruce Zick**, Artist: Disney and Pixar concept artist; Marvel and Dark Horse Comics illustrator
+- **Tony Millionaire**, Artist: Drinky Crow Show on Adult Swim and Saturday Night Live, five-time Eisner Award winner
+- **Thomas Gewecke**, Advisor: Former CDO for Warner Bros.
+- **Nate Jones**, Advisor: Head of Corporate Development for Sony Interactive Entertainment, Former VP of Digital Games of Warner Bros. Interactive
+- **Brooks Brown**, Advisor: Former VP of Digital Development of Lightstorm on Avatar; Project Lead for LucasArts on Star Wars; Founder and CEO, NOR
+- **Robert Thurman**, Advisor: First Western disciple of the Dalai Lama, Founding Chair of History of Religion at Columbia University
+- **Gig Rackauskas**, Investor & Advisor: Former President of Jim Cameron’s Earthship, head production executive on Titanic and Alien films
+- **The Thirteen**, Anonymous Council of Storytellers
+
+Journey down the rabbit hole. The cost of admission is only your mind.
+
+- Website: https://enterthemandala.com/
+- Twitter: https://twitter.com/enterthemandala
+- Discord: https://discord.com/invite/twEpa6pfP4
+- GitBook: https://the-thirteen.gitbook.io/mandala-metaverse/
+- GitHub: https://github.com/mandalaverse
+
+
+
+
+*To engage in a conversation or share your thoughts about the interview with Jingles, please visit the designated **[Cardano Forum post](https://forum.cardano.org)**.*
\ No newline at end of file
diff --git a/docs/operate-a-stake-pool/hardening-server.md b/docs/operate-a-stake-pool/hardening-server.md
new file mode 100644
index 0000000000..bc0ec67699
--- /dev/null
+++ b/docs/operate-a-stake-pool/hardening-server.md
@@ -0,0 +1,328 @@
+---
+id: hardening-server
+title: Hardening the server
+sidebar_label: Hardening the server
+description: "Stake pool guide: Learn how to harden your server"
+image: ../img/og/og-developer-portal.png
+---
+
+Before installing your Cardano node, you need to have a clean and secured OS. This guide explains how to secure your server, in 10 steps.
+
+### Prerequisites
+
+- This guide is designed for Ubuntu Server (22.04 LTS or 20.04 LTS)
+- A SSH client on your local machine. If you are using a Windows machine, install OpenSSH Client ([guide](https://www.howtogeek.com/311287/how-to-connect-to-an-ssh-server-from-windows-macos-or-linux/))
+- SSH server up and running on your Ubuntu Server
+
+### 1- Create a non-root user for your Cardano node
+
+First thing first : you should never use the root account to connect to your server and manage it. Instead, use a non-root account, that can use sudo. We are going to create one.
+
+- Connect to your server with SSH (for this time only, you might use root. We'll disable it after anyway. You can also use the default user created by the Ubuntu installer).
+
+```shell
+ssh @server-ip
+```
+
+- New user creation called cardano (or whatever you want)
+
+```shell
+sudo useradd -m -s /bin/bash cardano
+```
+
+- Set a strong password
+```shell
+sudo passwd cardano
+```
+
+- Allow cardano user to use sudo command
+```shell
+sudo usermod -aG sudo cardano
+```
+
+- Disconnect from your server, and reconnect using your new user
+```shell
+ssh cardano@server-ip
+```
+
+- Remove default user if needed
+```shell
+sudo userdel
+```
+
+### 2- Disable root
+
+You should never use root account. Always use sudo to run commands with privileges. We are going to disable it.
+
+```shell
+sudo passwd -l root
+```
+
+### 3- Update System
+
+It's time to update your system with the latest pathes available.
+
+```shell
+sudo apt-get update -y
+sudo apt-get upgrade -y
+sudo apt-get autoremove
+sudo apt-get autoclean
+```
+
+Reboot your server.
+```shell
+sudo reboot
+```
+
+### 4- Activate Unattended-upgrades for automatic security updates
+
+Next step is to enable unattended upgrades to automatically install security updates.
+
+:::important
+
+By default, the unattended-upgrades service **only installs security updates** automatically. These updates **WONT** make your server automatically reboot.
+
+The primary argument against enabling unattended-ugrades is that one day, a less stable package may install and cause stability or dependencies issues. While this argument is technically valid, the fact remains that without this package installed and enabled, it's more likely that a Linux server might host a software with remotely exploitable security vulnerabilities.
+
+:::
+
+```shell
+sudo apt-get install unattended-upgrades
+sudo dpkg-reconfigure -plow unattended-upgrades
+```
+
+### 5- Generate SSH keys
+
+The next step might be one of the most important things to do, to secure your server. Passwords are not safe to use. Instead, use SSH keys. We are going to create a new SSH key pair on your local machine. I strongly recommend using ED25519 algorithm.
+
+#### On your local machine
+
+- Generate a a new key-pair. You will be asked to enter a filename to save your key
+```shell
+ssh-keygen -t ed25519
+```
+
+- Copy the public key to your server
+```shell
+ssh-copy-id -i $HOME/.ssh/ cardano@server-ip
+```
+
+- Now disconnect from your server, and try to login again from your local machine where your private key is. This time you won't need to enter your password.
+```shell
+ssh cardano@server-ip
+```
+
+:::caution
+
+Your private SSH key is what allow you to connect to your server. It is stored on your local machine. You should backup it to a secured cold storage, and never ever share it
+
+:::
+
+
+### 6- Hardening SSH configuration
+The next-step is to tweak the sshd_config on your server, to make it much more secured
+
+- Open the /etc/ssh/sshd_config file
+```shell
+sudo nano /etc/ssh/sshd_config
+```
+
+- Then locate and update if needed, all the options below
+
+```shell
+PubkeyAuthentication yes
+PasswordAuthentication no
+PermitRootLogin prohibit-password
+PermitEmptyPasswords no
+X11Forwarding no
+TCPKeepAlive no
+Compression no
+AllowAgentForwarding no
+AllowTcpForwarding no
+KbdInteractiveAuthentication no
+```
+
+- Change the default sshd listening port as well with your own custom port (choose between 1024 - 49150)
+```shell
+Port
+```
+
+- Save and close your /etc/ssh/sshd_config. Validate the configuration
+```shell
+sudo sshd -t
+```
+
+- Then restart sshd
+```shell
+sudo systemctl restart sshd
+```
+
+- Disconnect from your server, and reconnect
+```shell
+ssh cardano@server-ip -p
+```
+
+### 7- Firewall configuration
+We are going to use UFW firewall to secure network access to your Cardano node. We are only focusing on ports that are used for SSH, and Cardano node. If you want to use Grafana and Prometheus for monitoring, please, refer to this [guide](docs/operate-a-stake-pool/grafana-dashboard-tutorial.md), to add appropriate ports to your UFW configuration.
+
+#### On your Relay Node :
+```shell
+sudo ufw default deny incoming
+sudo ufw default allow outgoing
+sudo ufw allow to any proto tcp port
+sudo ufw allow to any proto tcp port
+sudo ufw enable
+```
+
+#### On your Block Producer Node :
+```shell
+sudo ufw default deny incoming
+sudo ufw default allow outgoing
+sudo ufw allow to any proto tcp port
+sudo ufw allow from to any proto tcp port
+sudo ufw allow from to any proto tcp port
+sudo ufw enable
+```
+
+If you want to permit SSH connections to your node from specific IP, replace :
+```shell
+sudo ufw allow to any proto tcp port
+```
+by
+```shell
+sudo ufw allow from to any proto tcp port
+```
+
+### 8- Fail 2 ban installation and configuration
+
+Fail2ban is a very useful tool to block repetitive intrusion attempts. It can detect failed logins from specific IP and patterns, and blacklist it.
+
+Installation and service activation :
+
+```shell
+sudo apt-get install fail2ban -y
+sudo systemctl start fail2ban
+sudo systemctl enable fail2ban
+```
+
+Create a jail.local file and open it
+```shell
+sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
+sudo nano /etc/fail2ban/jail.local
+```
+
+Locate the [DEFAULT] block and adjust to your needs.
+Here is a configuration exemple that allows 2 logins attempts within 10minutes, and ban for 1hour any IP that fails. After 1h, if the IP tries again and fails, the bantime will be incremented by factor *2. The maximum bantime is set to 5 weeks.
+
+```shell
+bantime = 1h
+bantime.increment = true
+bantime.factor = 2
+bantime.maxtime = 5w
+findtime = 10m
+maxretry = 2
+```
+
+Locate the [sshd] block and adjust to your needs.
+
+```shell
+mode = aggressive
+enabled = true
+port =
+filter = sshd
+maxretry = 2
+logpath = /var/log/auth.log
+backend = %(sshd_backend)s
+```
+
+Save and close. Open the sshd.conf filter file
+```shell
+sudo nano /etc/fail2ban/filter.d/sshd.conf
+```
+
+Locate the mode variable and set it to "aggressive"
+```shell
+mode = aggressive
+```
+Save and close.
+
+Restart fail2ban
+```shell
+sudo systemctl restart fail2ban
+```
+
+:::important
+
+Once again, please adjust fail2ban configuration above to your needs. You might want to allow more than 2 failed attempts, or decrease bantime
+
+:::
+
+
+### 9- /etc/sysctl.conf hardening
+
+sysctl allows you to make changes to your linux kernel, and set advanced security options of the TCP/IP stack, and system settings. Here is a configuration recommendation to prevent some attacks on IPv4 networking layer.
+
+Open /etc/sysctl.conf file
+
+```shell
+sudo nano /etc/sysctl.conf
+```
+
+Add these options at the end of the file
+
+```shell
+# Avoid a smurf attack
+net.ipv4.icmp_echo_ignore_broadcasts = 1
+
+# Turn on protection for bad icmp error messages
+net.ipv4.icmp_ignore_bogus_error_responses = 1
+
+# Turn on syncookies for SYN flood attack protection
+net.ipv4.tcp_syncookies = 1
+
+# Turn on and log spoofed, source routed, and redirect packets
+net.ipv4.conf.all.log_martians = 1
+net.ipv4.conf.default.log_martians = 1
+
+# No source routed packets here
+net.ipv4.conf.all.accept_source_route = 0
+net.ipv4.conf.default.accept_source_route = 0
+
+# Increase TCP max buffer size setable using setsockopt()
+net.ipv4.tcp_rmem = 4096 87380 8388608
+net.ipv4.tcp_wmem = 4096 87380 8388608
+
+# No redirects
+net.ipv4.conf.all.accept_redirects = 0
+net.ipv4.conf.default.accept_redirects = 0
+net.ipv4.conf.all.secure_redirects = 0
+
+## Disable packet forwarding
+net.ipv4.ip_forward = 0
+
+# Synflood protection
+net.ipv4.tcp_synack_retries = 5
+```
+
+Save and close. Reload sysctl
+
+```shell
+sudo sysctl -p
+```
+
+### 10- Shared Memory hardening
+Shared memory can be used in an attack against a running service. To secure it, modify /etc/fstab
+
+```shell
+sudo nano /etc/fstab
+```
+Add the following lline at the end of the file
+
+```shell
+tmpfs /run/shm tmpfs ro,noexec,nosuid 0 0
+```
+Save and close. Reboot your server
+
+```shell
+sudo reboot
+```
diff --git a/docs/operate-a-stake-pool/register-stake-pool.md b/docs/operate-a-stake-pool/register-stake-pool.md
index 023b43f0bb..dd365fe637 100644
--- a/docs/operate-a-stake-pool/register-stake-pool.md
+++ b/docs/operate-a-stake-pool/register-stake-pool.md
@@ -36,6 +36,7 @@ Before starting, make sure you have access to:
| `kes.skey` | KES signing key |
| `vrf.vkey` | VRF verification key |
| `vrf.skey` | VRF signing key |
+| `protocol.json` | protocol parameters file |
## Create JSON file with your metadata
@@ -77,7 +78,7 @@ Both the hashes must be equal. If the hashes do no match, then the uploaded .jso
Find the minimum pool cost:
```
-minPoolCost=$(cat params.json | jq -r .minPoolCost)
+minPoolCost=$(cat protocol.json | jq -r .minPoolCost)
echo minPoolCost: ${minPoolCost}
```
@@ -169,13 +170,51 @@ This creates a delegation certificate which delegates funds from all stake addre
To understand the basics of submitting a transaction on the chain, refer to [Register Stake Address](./register-stake-address).
-Registering a stake pool requires a deposit. This amount is specified in the already created `params.json`:
+Registering a stake pool requires a deposit. This amount is specified in the already created `protocol.json`:
```
-stakePoolDeposit=$(cat params.json | jq -r '.stakePoolDeposit')
+stakePoolDeposit=$(cat protocol.json | jq -r '.stakePoolDeposit')
echo $stakePoolDeposit
```
+Let's find out how much balance is in our wallet:
+
+```
+cardano-cli query utxo \
+ --address $(cat payment.addr) \
+ --testnet-magic 1 > fullUtxo.out
+
+tail -n +3 fullUtxo.out | sort -k3 -nr > balance.out
+
+cat balance.out
+
+tx_in=""
+total_balance=0
+while read -r utxo; do
+ type=$(awk '{ print $6 }' <<< "${utxo}")
+ if [[ ${type} == 'TxOutDatumNone' ]]
+ then
+ in_addr=$(awk '{ print $1 }' <<< "${utxo}")
+ idx=$(awk '{ print $2 }' <<< "${utxo}")
+ utxo_balance=$(awk '{ print $3 }' <<< "${utxo}")
+ total_balance=$((${total_balance}+${utxo_balance}))
+ echo TxHash: ${in_addr}#${idx}
+ echo ADA: ${utxo_balance}
+ tx_in="${tx_in} --tx-in ${in_addr}#${idx}"
+ fi
+done < balance.out
+txcnt=$(cat balance.out | wc -l)
+echo Total available ADA balance: ${total_balance}
+echo Number of UTXOs: ${txcnt}
+```
+
+You should get output similar to below:
+
+```
+Total available ADA balance: 9497237500
+Number of UTXOs: 1
+```
+
Calculate the change for `--tx-out`. Since we don't know the exact transaction fees yet, we take 1 ada for the calculation:
```
@@ -186,7 +225,7 @@ which in our case would be 9497237500 - 500000000 - 1000000 = 8996237500
```
cardano-cli transaction build \
- --tx-in b64ae44e1195b04663ab863b62337e626c65b0c9855a9fbb9ef4458f81a6f5ee#1 \
+ ${tx_in} \
--tx-out $(cat payment.addr)+8996237500 \
--change-address $(cat payment.addr) \
--testnet-magic 1 \
@@ -213,7 +252,7 @@ echo ${txOut}
Build the transaction:
```
cardano-cli transaction build-raw \
- --tx-in b64ae44e1195b04663ab863b62337e626c65b0c9855a9fbb9ef4458f81a6f5ee#1 \
+ ${tx_in} \
--tx-out $(cat payment.addr)+${txOut} \
--invalid-hereafter $((${currentSlot} + 1000)) \
--fee 172189 \
diff --git a/docs/smart-contracts/marlowe.md b/docs/smart-contracts/marlowe.md
index 33d9978cd1..146dad3bc7 100644
--- a/docs/smart-contracts/marlowe.md
+++ b/docs/smart-contracts/marlowe.md
@@ -72,6 +72,11 @@ Marlowe uses two validators: the _semantics validator_ for the Marlowe DSL and a
## More resources
+### Documentation & overview
+
+- Official [Marlowe documentation](https://docs.marlowe.iohk.io)
+- [A comprehensive guide to Marlowe's security: audit outcomes, built-in functional restrictions, and ledger security features](https://iohk.io/en/blog/posts/2023/06/27/a-comprehensive-guide-to-marlowes-security-audit-outcomes-built-in-functional-restrictions-and-ledger-security-features/)
+
### GitHub repositories
- [Marlowe language and semantics](https://github.com/input-output-hk/marlowe)
@@ -133,6 +138,7 @@ Marlowe uses two validators: the _semantics validator_ for the Marlowe DSL and a
- [A Geo-Located Smart Contract Using Cardano Beam and Marlowe](https://youtu.be/DmkYen0eaV0)
## Presentations
+
- [Blockchain Essentials](https://www.youtube.com/watch?v=yi8-xaoTQT4)
- [Domain-specific languages](https://www.youtube.com/watch?v=T4W19TdJHMw)
- [Financial contracts](https://www.youtube.com/watch?v=1HRaRVyj2BI)
@@ -141,6 +147,7 @@ Marlowe uses two validators: the _semantics validator_ for the Marlowe DSL and a
- [Marlowe in full](https://www.youtube.com/watch?v=Ro8iBh7V7oc)
## Further Tutorials
+
- [A first contract](https://www.youtube.com/watch?v=es4qpcHxr0I)
- [Elaborating the contract](https://www.youtube.com/watch?v=DS_ebkGwmXw)
- [Choices and observations](https://www.youtube.com/watch?v=25fnB7C8mPE)
@@ -154,6 +161,9 @@ Marlowe uses two validators: the _semantics validator_ for the Marlowe DSL and a
- [Analysis in the playground](https://www.youtube.com/watch?v=VmoUAifui38)
- [ACTUS labs](https://www.youtube.com/watch?v=6PPWFZEfkks)
-## Metrics & Adoption
+## Metrics, Adoption, Audit
+
- [Marlowe Explorer: Scanners for contracts on Mainnet & testnets](https://marlowescan.com/)
- [MarloweStat: Statistics for Marlowe contracts on public networks](http://data.marlowestat.org/)
+- [Technical review of Marlowe: Final report (Tweag, 2023-03-24)](https://github.com/tweag/tweag-audit-reports/blob/main/Marlowe-2023-03.pdf)
+ - [Response to Audit Report for the Marlowe Specification (IOG)](https://github.com/input-output-hk/marlowe/blob/master/response-to-audit-report.md)
diff --git a/package.json b/package.json
index 7ac0cfa1b5..0176ec35d2 100644
--- a/package.json
+++ b/package.json
@@ -13,12 +13,12 @@
"cip:refresh": "ts-node scripts/cip.ts"
},
"dependencies": {
- "@docusaurus/core": "^2.4.0",
- "@docusaurus/plugin-client-redirects": "^2.4.0",
- "@docusaurus/plugin-content-docs": "^2.4.0",
- "@docusaurus/plugin-ideal-image": "^2.4.0",
- "@docusaurus/preset-classic": "^2.4.0",
- "@docusaurus/theme-search-algolia": "^2.4.0",
+ "@docusaurus/core": "^2.4.1",
+ "@docusaurus/plugin-client-redirects": "^2.4.1",
+ "@docusaurus/plugin-content-docs": "^2.4.1",
+ "@docusaurus/plugin-ideal-image": "^2.4.1",
+ "@docusaurus/preset-classic": "^2.4.1",
+ "@docusaurus/theme-search-algolia": "^2.4.1",
"@mdx-js/react": "^1.6.22",
"@popperjs/core": "^2.11.2",
"clsx": "^1.1.1",
diff --git a/sidebars.js b/sidebars.js
index 64c0791e9c..969632a1e0 100644
--- a/sidebars.js
+++ b/sidebars.js
@@ -165,7 +165,10 @@ module.exports = {
{
type: "category",
label: "Deployment Scenarios",
- items: ["operate-a-stake-pool/improve-grafana-security"],
+ items: [
+ "operate-a-stake-pool/hardening-server",
+ "operate-a-stake-pool/improve-grafana-security",
+ ],
},
{
type: "category",
diff --git a/src/data/builder-tools.js b/src/data/builder-tools.js
index e1e8e02a66..446a88166b 100644
--- a/src/data/builder-tools.js
+++ b/src/data/builder-tools.js
@@ -1034,6 +1034,22 @@ export const Showcases = [
getstarted: "https://docs.gomaestro.org/",
tags: ["http", "hosted"]
},
+ {
+ title: "potential-robot",
+ description: "A JavaScript API for test-driven development with Helios.",
+ preview: require("./builder-tools/potential-robot.png"),
+ website: "https://github.com/aleeusgr/potential-robot",
+ getstarted: null,
+ tags: ["javascript", "typescript", "testing"]
+ },
+ {
+ title: "Hydra",
+ description: "Hydra is the layer-two scalability solution for Cardano, which aims to increase the speed of transactions (low latency, high throughput) and minimize transaction cost.",
+ preview: require("./builder-tools/hydra.png"),
+ website: "https://hydra.family/head-protocol/",
+ getstarted: "https://hydra.family/head-protocol/docs/getting-started",
+ tags: ["haskell", "cli", "http", "websocket", "lowlevel"]
+ },
];
export const TagList = Object.keys(Tags);
diff --git a/src/data/builder-tools/hydra.png b/src/data/builder-tools/hydra.png
new file mode 100644
index 0000000000..c9520612b9
Binary files /dev/null and b/src/data/builder-tools/hydra.png differ
diff --git a/src/data/builder-tools/potential-robot.png b/src/data/builder-tools/potential-robot.png
new file mode 100644
index 0000000000..b27632097a
Binary files /dev/null and b/src/data/builder-tools/potential-robot.png differ
diff --git a/src/data/showcase/balanceanalytics.png b/src/data/showcase/balanceanalytics.png
new file mode 100644
index 0000000000..52242dff40
Binary files /dev/null and b/src/data/showcase/balanceanalytics.png differ
diff --git a/src/data/showcases.js b/src/data/showcases.js
index 2de6308d3c..bf4eafc689 100644
--- a/src/data/showcases.js
+++ b/src/data/showcases.js
@@ -659,15 +659,6 @@ export const Showcases = [
source: null,
tags: ["marketplace", "nftsupport"],
},
- {
- title: "MermADA Minting",
- description:
- "Cardano NFT Minting Service providing white label solutions for your branding needs from our single NFT Mint tool to NFT Vending Machines to Token Faucets.",
- preview: require("./showcase/mermada.png"),
- website: "https://mermada.com/",
- source: null,
- tags: ["minting", "metadata", "token", "nftsupport", "educational"],
- },
{
title: "Open CNFT",
description:
@@ -1171,7 +1162,15 @@ export const Showcases = [
source: null,
tags: ["nftsupport", "token"],
},
-
+ {
+ title: "BALANCE",
+ description:
+ "A Cardano Blockchain Research & Analytics Provider.",
+ preview: require("./showcase/balanceanalytics.png"),
+ website: "https://www.balanceanalytics.io/",
+ source: null,
+ tags: ["analytics", "pooltool"],
+ },
];
export const TagList = Object.keys(Tags);
diff --git a/static/img/devblog/mandala-dark.png b/static/img/devblog/mandala-dark.png
new file mode 100644
index 0000000000..f454fe16e7
Binary files /dev/null and b/static/img/devblog/mandala-dark.png differ
diff --git a/static/img/devblog/mandala-light.png b/static/img/devblog/mandala-light.png
new file mode 100644
index 0000000000..cdf04c4817
Binary files /dev/null and b/static/img/devblog/mandala-light.png differ
diff --git a/static/img/og/og-blog-mandala.png b/static/img/og/og-blog-mandala.png
new file mode 100644
index 0000000000..0339cac50b
Binary files /dev/null and b/static/img/og/og-blog-mandala.png differ