{"id":51197511,"url":"https://github.com/hyperledger-firefly/firefly","last_synced_at":"2026-06-27T22:00:48.382Z","repository":{"id":37075284,"uuid":"362231541","full_name":"hyperledger-firefly/firefly","owner":"hyperledger-firefly","description":"Hyperledger FireFly is the first open source Supernode: a complete stack for enterprises to build and scale secure Web3 applications. The FireFly API for digital assets, data flows, and blockchain transactions makes it radically faster to build production-ready apps on popular chains and protocols.","archived":false,"fork":false,"pushed_at":"2026-06-25T10:06:20.000Z","size":124209,"stargazers_count":597,"open_issues_count":145,"forks_count":246,"subscribers_count":31,"default_branch":"main","last_synced_at":"2026-06-25T12:04:57.998Z","etag":null,"topics":["blockchain","corda","ethereum","fabric","hyperledger","ipfs","messaging","microservices","privacy","supernode"],"latest_commit_sha":null,"homepage":"https://hyperledger-firefly.github.io/firefly/","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/hyperledger-firefly.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":"auditevents/main.go","citation":null,"codeowners":"CODEOWNERS","security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":"MAINTAINERS.md","copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2021-04-27T19:43:21.000Z","updated_at":"2026-06-25T10:06:00.000Z","dependencies_parsed_at":"2023-02-18T00:16:06.415Z","dependency_job_id":"43120452-5375-4607-a954-35a40a6ff168","html_url":"https://github.com/hyperledger-firefly/firefly","commit_stats":{"total_commits":3750,"total_committers":51,"mean_commits":73.52941176470588,"dds":0.6901333333333333,"last_synced_commit":"dacd8390246f60a1d1cb39d1edb748a35711752b"},"previous_names":["hyperledger-firefly/firefly"],"tags_count":66,"template":false,"template_full_name":null,"purl":"pkg:github/hyperledger-firefly/firefly","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyperledger-firefly%2Ffirefly","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyperledger-firefly%2Ffirefly/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyperledger-firefly%2Ffirefly/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyperledger-firefly%2Ffirefly/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/hyperledger-firefly","download_url":"https://codeload.github.com/hyperledger-firefly/firefly/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hyperledger-firefly%2Ffirefly/sbom","scorecard":{"id":368729,"data":{"date":"2025-08-18T10:47:49Z","repo":{"name":"github.com/hyperledger/firefly","commit":"f67a468378abc7f512231ccda7db626845e0f1ec"},"scorecard":{"version":"v4.13.1","commit":"49c0eed3a423f00c872b5c3c9f1bbca9e8aae799"},"score":7.5,"checks":[{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#binary-artifacts"}},{"name":"Branch-Protection","score":3,"reason":"branch protection is not maximal on development and all release branches","details":["Info: 'force pushes' disabled on branch 'main'","Info: 'allow deletion' disabled on branch 'main'","Info: status checks require up-to-date branches for 'main'","Info: 'last push approval' enabled on branch 'main'","Info: status check found to merge onto on branch 'main'","Warn: number of required reviewers is only 1 on branch 'main'","Info: stale review dismissal enabled on branch 'main'","Info: settings apply to administrators on branch 'main'","Info: codeowner review is required on branch 'main'","Info: 'force pushes' disabled on branch 'release-1.2'","Info: 'allow deletion' disabled on branch 'release-1.2'","Warn: status checks do not require up-to-date branches for 'release-1.2'","Warn: 'last push approval' disabled on branch 'release-1.2'","Info: status check found to merge onto on branch 'release-1.2'","Warn: number of required reviewers is 0 on branch 'release-1.2'","Warn: stale review dismissal disabled on branch 'release-1.2'","Warn: settings do not apply to administrators on branch 'release-1.2'","Warn: codeowner review is not required on branch 'release-1.2'","Info: 'force pushes' disabled on branch 'release-1.1'","Info: 'allow deletion' disabled on branch 'release-1.1'","Warn: status checks do not require up-to-date branches for 'release-1.1'","Warn: 'last push approval' disabled on branch 'release-1.1'","Info: status check found to merge onto on branch 'release-1.1'","Warn: number of required reviewers is 0 on branch 'release-1.1'","Warn: stale review dismissal disabled on branch 'release-1.1'","Warn: settings do not apply to administrators on branch 'release-1.1'","Warn: codeowner review is not required on branch 'release-1.1'","Info: 'force pushes' disabled on branch 'release-1.0'","Info: 'allow deletion' disabled on branch 'release-1.0'","Warn: status checks do not require up-to-date branches for 'release-1.0'","Warn: 'last push approval' disabled on branch 'release-1.0'","Info: status check found to merge onto on branch 'release-1.0'","Warn: number of required reviewers is 0 on branch 'release-1.0'","Warn: stale review dismissal disabled on branch 'release-1.0'","Warn: settings do not apply to administrators on branch 'release-1.0'","Warn: codeowner review is not required on branch 'release-1.0'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#branch-protection"}},{"name":"CI-Tests","score":10,"reason":"9 out of 9 merged PRs checked by a CI test -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project runs tests before pull requests are merged.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#ci-tests"}},{"name":"CII-Best-Practices","score":5,"reason":"badge detected: passing","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#cii-best-practices"}},{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#code-review"}},{"name":"Contributors","score":10,"reason":"19 different organizations found -- score normalized to 10","details":["Info: contributors work for *instinctools,AdoptOpenJDK,LF-Decentralized-Trust,MyHoneyBadger,PQCA,StartupBot,appsody,chelexa,hyperledger,ibmruntimes,kaleido,kaleido-io,kaleido.io,linuxfoundation,new york university,openwallet-foundation,rust-lang,uber,uber-common"],"documentation":{"short":"Determines if the project has a set of contributors from multiple organizations (e.g., companies).","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#contributors"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#dangerous-workflow"}},{"name":"Dependency-Update-Tool","score":10,"reason":"update tool detected","details":["Info: tool 'Dependabot' is used: :0"],"documentation":{"short":"Determines if the project uses a dependency update tool.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#dependency-update-tool"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no OSSFuzz integration found: Follow the steps in https://github.com/google/oss-fuzz to integrate fuzzing for your project.\nOver time, try to add fuzzing for more functionalities of your project. (High effort)","Warn: no OneFuzz integration found: Follow the steps in https://github.com/microsoft/onefuzz to start fuzzing for your project.\nOver time, try to add fuzzing for more functionalities of your project. (High effort)","Warn: no GoBuiltInFuzzer integration found: Follow the steps in https://go.dev/doc/fuzz/ to enable fuzzing on your project.\nOver time, try to add fuzzing for more functionalities of your project. (Medium effort)","Warn: no PythonAtherisFuzzer integration found: Follow the steps in https://github.com/google/atheris to enable fuzzing on your project.\nOver time, try to add fuzzing for more functionalities of your project. (Medium effort)","Warn: no CLibFuzzer integration found: Follow the steps in https://llvm.org/docs/LibFuzzer.html to enable fuzzing on your project.\nOver time, try to add fuzzing for more functionalities of your project. (Medium effort)","Warn: no CppLibFuzzer integration found: Follow the steps in https://llvm.org/docs/LibFuzzer.html to enable fuzzing on your project.\nOver time, try to add fuzzing for more functionalities of your project. (Medium effort)","Warn: no SwiftLibFuzzer integration found: Follow the steps in https://google.github.io/oss-fuzz/getting-started/new-project-guide/swift-lang/ to enable fuzzing on your project.\nOver time, try to add fuzzing for more functionalities of your project. (Medium effort)","Warn: no RustCargoFuzzer integration found: Follow the steps in https://rust-fuzz.github.io/book/cargo-fuzz.html to enable fuzzing on your project.\nOver time, try to add fuzzing for more functionalities of your project. (Medium effort)","Warn: no JavaJazzerFuzzer integration found: Follow the steps in https://github.com/CodeIntelligenceTesting/jazzer to enable fuzzing on your project.\nOver time, try to add fuzzing for more functionalities of your project. (Medium effort)","Warn: no ClusterFuzzLite integration found: Follow the steps in https://github.com/google/clusterfuzzlite to integrate fuzzing as part of CI.\nOver time, try to add fuzzing for more functionalities of your project. (High effort)","Warn: no HaskellPropertyBasedTesting integration found: Use one of the following frameworks to fuzz your project:\nQuickCheck: https://hackage.haskell.org/package/QuickCheck\nhedgehog: https://hedgehog.qa/\nvalidity: https://github.com/NorfairKing/validity\nsmallcheck: https://hackage.haskell.org/package/smallcheck\nhspec: https://hspec.github.io/\ntasty: https://hackage.haskell.org/package/tasty (High effort)","Warn: no TypeScriptPropertyBasedTesting integration found: Use fast-check: https://github.com/dubzzz/fast-check (High effort)","Warn: no JavaScriptPropertyBasedTesting integration found: Use fast-check: https://github.com/dubzzz/fast-check (High effort)"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: License file found in expected location: LICENSE:1","Info: FSF or OSI recognized license: LICENSE:1"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#license"}},{"name":"Maintained","score":10,"reason":"30 commit(s) out of 30 and 5 issue activity out of 30 found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#maintained"}},{"name":"Packaging","score":10,"reason":"publishing workflow detected","details":["Info: GitHub/GitLab publishing workflow used in run https://api.github.com/repos/hyperledger/firefly/actions/runs/16350585137: .github/workflows/docker_main.yml:15"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#packaging"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/codeql.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/codeql.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/codeql.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/codeql.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker_main.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/docker_main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker_main.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/docker_main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker_main.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/docker_main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker_main.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/docker_main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker_main.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/docker_main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker_release.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/docker_release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker_release.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/docker_release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker_release.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/docker_release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker_release.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/docker_release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker_release.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/docker_release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/docs.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:142: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/go.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:147: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/go.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:152: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/go.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:171: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/go.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/go.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/go.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/go.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/go.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/go.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/go.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/go.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/integration.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/integration.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration.yml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/integration.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/integration.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration.yml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/integration.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration.yml:117: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/integration.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/scorecard.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/scorecard.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/scorecard.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/scorecard.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/solidity.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/solidity.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/solidity.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/hyperledger/firefly/solidity.yml/main?enable=pin","Warn: containerImage not pinned by hash: Dockerfile:14","Warn: containerImage not pinned by hash: Dockerfile:35","Warn: containerImage not pinned by hash: Dockerfile:52","Warn: containerImage not pinned by hash: Dockerfile:64","Warn: containerImage not pinned by hash: Dockerfile:73","Warn: downloadThenRun not pinned by hash: Dockerfile:68","Warn: pipCommand not pinned by hash: .github/workflows/docs.yml:40","Info: 1 out of 27 GitHub-owned GitHubAction dependencies pinned","Info: 1 out of 10 third-party GitHubAction dependencies pinned","Info: 0 out of 5 containerImage dependencies pinned","Info: 0 out of 1 downloadThenRun dependencies pinned","Info: 0 out of 1 pipCommand dependencies pinned","Info: 1 out of 1 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":10,"reason":"SAST tool is run on all commits","details":["Info: all commits (30) are checked with a SAST tool","Info: SAST tool detected: CodeQL"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#sast"}},{"name":"Security-Policy","score":9,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Warn: One or no descriptive hints of disclosure, vulnerability, and/or timelines in security policy: On GitHub:\nEnable private vulnerability disclosure in your repository settings https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository\nAdd a section in your SECURITY.md indicating you have enabled private reporting, and tell them to follow the steps in https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability to report vulnerabilities.\nOn GitLab:\nAdd a section in your SECURITY.md indicating the process to disclose vulnerabilities for your project.\nExamples: https://github.com/ossf/scorecard/blob/main/SECURITY.md, https://github.com/slsa-framework/slsa-github-generator/blob/main/SECURITY.md, https://github.com/sigstore/.github/blob/main/SECURITY.md. (Low effort)","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#security-policy"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":["Warn: no GitHub releases found"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#signed-releases"}},{"name":"Token-Permissions","score":10,"reason":"GitHub workflow tokens follow principle of least privilege","details":["Info: topLevel 'contents' permission set to 'read': .github/workflows/codeql.yml:17","Info: topLevel 'contents' permission set to 'read': .github/workflows/docker_main.yml:12","Info: topLevel 'contents' permission set to 'read': .github/workflows/docker_release.yml:8","Info: topLevel 'contents' permission set to 'read': .github/workflows/docs.yml:12","Warn: jobLevel 'contents' permission set to 'write': .github/workflows/docs.yml:18: Verify which permissions are needed and consider whether you can reduce them. (High effort)","Info: topLevel 'contents' permission set to 'read': .github/workflows/go.yml:22","Info: topLevel 'contents' permission set to 'read': .github/workflows/integration.yml:11","Info: topLevel permissions set to 'read-all': .github/workflows/scorecard.yml:18","Info: topLevel 'contents' permission set to 'read': .github/workflows/solidity.yml:8","Info: topLevel 'packages' permission set to 'read': .github/workflows/solidity.yml:9"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#token-permissions"}},{"name":"Vulnerabilities","score":0,"reason":"10 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-vvgc-356p-c3xw / GO-2025-3595","Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6","Warn: Project is vulnerable to: GHSA-xq7p-g2vc-g82p","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-fjxv-7rqg-78g4","Warn: Project is vulnerable to: GHSA-h7cp-r72f-jxh6","Warn: Project is vulnerable to: GHSA-v62p-rq8g-8h59","Warn: Project is vulnerable to: GHSA-52f5-9888-hmc6","Warn: Project is vulnerable to: GHSA-cxrh-j4jr-qwg3","Warn: Project is vulnerable to: GHSA-qxp5-gwg8-xv66 / GO-2025-3503"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/49c0eed3a423f00c872b5c3c9f1bbca9e8aae799/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-18T12:29:13.650Z","repository_id":37075284,"created_at":"2025-08-18T12:29:13.651Z","updated_at":"2025-08-18T12:29:13.651Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34869004,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-27T02:00:06.362Z","response_time":126,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["blockchain","corda","ethereum","fabric","hyperledger","ipfs","messaging","microservices","privacy","supernode"],"created_at":"2026-06-27T22:00:44.684Z","updated_at":"2026-06-27T22:00:48.353Z","avatar_url":"https://github.com/hyperledger-firefly.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Hyperledger FireFly\n\n[![codecov](https://codecov.io/gh/hyperledger/firefly/branch/main/graph/badge.svg?token=QdEnpMqB1G)](https://codecov.io/gh/hyperledger/firefly)\n[![Go Report Card](https://goreportcard.com/badge/github.com/hyperledger/firefly)](https://goreportcard.com/report/github.com/hyperledger/firefly)\n[![FireFy Documentation](https://img.shields.io/static/v1?label=FireFly\u0026message=documentation\u0026color=informational)](https://hyperledger.github.io/firefly//)\n![build](https://github.com/hyperledger/firefly/actions/workflows/docker_main.yml/badge.svg?branch=main)\n[![OpenSSF Best Practices](https://www.bestpractices.dev/projects/7826/badge)](https://www.bestpractices.dev/projects/7826)\n[![OpenSSF Scorecard](https://api.scorecard.dev/projects/github.com/hyperledger/firefly/badge)](https://scorecard.dev/viewer/?uri=github.com/hyperledger/firefly)\n\n![Hyperledger FireFly](./images/hyperledger_firefly_logo.png)\n\nHyperledger FireFly is the first open source Supernode: a complete stack for enterprises to build and scale secure Web3 applications.\n\nThe FireFly API for digital assets, data flows, and blockchain transactions makes it radically faster to build production-ready apps on popular chains and protocols.\n\n[ENGLISH](./README.md) | [简体中文](./README_zh_CN.md)\n\n## Start using Hyperledger FireFly\n\nThe best place to learn about FireFly is in the [documentation](https://hyperledger.github.io/firefly).\n\nThere you will find our [Getting Started Guide](https://hyperledger.github.io/firefly/latest/gettingstarted/),\nwhich will get you a running FireFly network of Supernodes on your local machine in a few minutes.\n\nYour development environment will come with:\n\nFireFly CLI | FireFly Explorer UI | FireFly Sandbox |\n:----------------------------:|:-----------------------------------:|:----------------:|\n[![CLI](./images/firefly_cli.png)](https://hyperledger.github.io/firefly/latest/gettingstarted/firefly_cli/#install-the-firefly-cli) | [![UI](./images/firefly_explorer.png)](https://github.com/hyperledger/firefly-ui) | [![Sandbox](./images/firefly_sandbox.png)](https://hyperledger.github.io/firefly/latest/gettingstarted/sandbox/#use-the-sandbox) |\n\n## Engage with the community\n\n- [Join us on Discord](https://discord.gg/hyperledger)\n\n## Technical architecture\n\nHyperledger FireFly has a pluggable microservices architecture. Everything is pluggable, from the Blockchain technology,\ntoken ERC standards, and custom smart contracts, all the way to the event distribution layer and private database.\n\nSo if there aren't yet instructions for making FireFly a Supernode for your favorite blockchain technology -\ndon't worry. There is almost certainly a straightforward path to plugging it in that will save you from re-building\nall the plumbing for your blockchain application from scratch.\n\n[![Hyperledger FireFly Architecture Overview](./doc-site/docs/images/firefly_architecture_overview.jpg)](https://raw.githubusercontent.com/kaleido-io/firefly/main/doc-site/docs/images/firefly_architecture_overview.jpg)\n\n## Start contributing to Hyperledger FireFly\n\nThere are lots of places you can contribute, regardless of whether your skills are front-end, backend-end, or full-stack.\n\nCheck out our [Contributor Guide](https://hyperledger.github.io/firefly/latest/contributors/), and **welcome!**.\n\n## Other repos\n\nYou are currently in the \"core\" repository, which is written in Go and hosts the API Server and central orchestration\nengine. Here you will find plugin interfaces to microservice connectors written in a variety of languages like\nTypeScript and Java, as well as heavy-lifting runtime components.\n\nOther repositories you might be interested in containing those microservice components, user experiences, CLIs and samples.\n\n\u003e Note that only open source repositories and plugins are listed below\n\n### Blockchain connectivity\n\n- Transaction Manager - \u003chttps://github.com/hyperledger/firefly-transaction-manager\u003e\n- RLP \u0026 ABI encoding, KeystoreV3 utilities and secp256k1 signer runtime - \u003chttps://github.com/hyperledger/firefly-signer\u003e\n- FFCAPI reference connector for EVM Chains - \u003chttps://github.com/hyperledger/firefly-evmconnect\u003e\n - Public EVM compatible chains: Learn more in the [documentation](https://hyperledger.github.io/firefly)\n- Permissioned Ethereum connector - \u003chttps://github.com/hyperledger/firefly-ethconnect\u003e\n - Private/permissioned: Hyperledger Besu / Quorum\n- Hyperledger Fabric connector - \u003chttps://github.com/hyperledger/firefly-fabconnect\u003e\n- Tezos connector - \u003chttps://github.com/hyperledger/firefly-tezosconnect\u003e\n- Cardano connector - \u003chttps://github.com/hyperledger/firefly-cardano\u003e\n- Corda connector starter: \u003chttps://github.com/hyperledger/firefly-cordaconnect\u003e\n - CorDapp specific customization is required\n\n### Token standards\n\n- Tokens ERC20/ERC721 - \u003chttps://github.com/hyperledger/firefly-tokens-erc20-erc721\u003e\n- Tokens ERC1155 - \u003chttps://github.com/hyperledger/firefly-tokens-erc1155\u003e\n\n### Private data bus connectivity\n\n- HTTPS Data Exchange - \u003chttps://github.com/hyperledger/firefly-dataexchange-https\u003e\n\n### Developer ecosystem\n\n- Command Line Interface (CLI) - \u003chttps://github.com/hyperledger/firefly-cli\u003e\n- Explorer UI - \u003chttps://github.com/hyperledger/firefly-ui\u003e\n- Node.js SDK - \u003chttps://github.com/hyperledger/firefly-sdk-nodejs\u003e\n- Sandbox / Exerciser - \u003chttps://github.com/hyperledger/firefly-sandbox\u003e\n- Samples - \u003chttps://github.com/hyperledger/firefly-samples\u003e\n- FireFly Performance CLI: \u003chttps://github.com/hyperledger/firefly-perf-cli\u003e\n- Helm Charts for Deploying to Kubernetes: \u003chttps://github.com/hyperledger/firefly-helm-charts\u003e\n\n## FireFly Core code hierarchy\n\n```\n┌──────────┐ ┌───────────────┐\n│ cmd ├──┤ firefly [Ff]│ - CLI entry point\n└──────────┘ │ │ - Creates parent context\n │ │ - Signal handling\n └─────┬─────────┘\n │\n┌──────────┐ ┌─────┴─────────┐ - HTTP listener (Gorilla mux)\n│ internal ├──┤ api [As]│ * TLS (SSL), CORS configuration etc.\n└──────────┘ │ server │ * WS upgrade on same port\n │ │ - REST route definitions\n └─────┬─────────┘ * Simple routing logic only, all processing deferred to orchestrator\n │\n ┌─────┴─────────┐ - REST route definition framework\n │ openapi [Oa]│ * Standardizes Body, Path, Query, Filter semantics\n │ spec | - OpenAPI 3.0 (Swagger) generation\n └─────┬─────────┘ * Including Swagger. UI\n │\n ┌─────┴─────────┐ - WebSocket server\n │ [Ws]│ * Developer friendly JSON based protocol business app development\n │ websockets │ * Reliable sequenced delivery\n └─────┬─────────┘ * _Event interface [Ei] supports lower level integration with other compute frameworks/transports_\n │\n ┌─────┴─────────┐ - Extension point interface to listen for database change events\n │ admin [Ae]│ * For building microservice extensions to the core that run externally\n │ events | * Used by the Transaction Manager component\n └─────┬─────────┘ * Filtering to specific object types\n │\n ┌─────┴─────────┐ - Core data types\n │ fftypes [Ft]│ * Used for API and Serialization\n │ │ * APIs can mask fields on input via router definition\n └─────┬─────────┘\n │\n ┌─────┴─────────┐ - Core runtime server. Initializes and owns instances of:\n │ [Or]│ * Components: Implement features\n ┌───────┬───┤ orchestrator │ * Plugins: Pluggable infrastructure services\n │ │ │ │ - Exposes actions to router\n │ │ └───────────────┘ * Processing starts here for all API calls\n │ │\n │ Components: Components do the heavy lifting within the engine\n │ │\n │ │ ┌───────────────┐ - Integrates with Blockchain Smart Contract logic across blockchain technologies\n │ ├───┤ contract [Cm]│ * Generates OpenAPI 3 / Swagger definitions for smart contracts, and propagates to network\n │ │ │ manager │ * Manages listeners for native Blockchain events, and routes those to application events\n │ │ └───────────────┘ * Convert to/from native Blockchain interfaces (ABI etc.) and FireFly Interface [FFI] format\n │ │\n │ │ ┌───────────────┐ - Maintains a view of the entire network\n │ ├───┤ network [Nm]│ * Integrates with network permissioning [NP] plugin\n │ │ │ map │ * Integrates with broadcast plugin\n │ │ └───────────────┘ * Handles hierarchy of member identity, node identity and signing identity\n │ │\n │ │ ┌───────────────┐ - Broadcast of data to all parties in the network\n │ ├───┤ broadcast [Bm]│ * Implements dispatcher for batch component\n │ │ │ manager | * Integrates with shared storage interface [Ss] plugin\n │ │ └───────────────┘ * Integrates with blockchain interface [Bi] plugin\n │ │\n │ │ ┌───────────────┐ - Send private data to individual parties in the network\n │ ├───┤ private [Pm]│ * Implements dispatcher for batch component\n │ │ │ messaging | * Integrates with the data exchange [Dx] plugin\n │ │ └──────┬────────┘ * Messages can be pinned and sequenced via the blockchain, or just sent\n │ │ │\n │ │ ┌──────┴────────┐ - Groups of parties, with isolated data and/or blockchains\n │ │ │ group [Gm]│ * Integrates with data exchange [Dx] plugin\n │ │ │ manager │ * Integrates with blockchain interface [Bi] plugin\n │ │ └───────────────┘\n │ │\n │ │ ┌───────────────┐ - Private data management and validation\n │ ├───┤ data [Dm]│ * Implements dispatcher for batch component\n │ │ │ manager │ * Integrates with data exchange [Dx] plugin\n │ │ └──────┬────────┘ * Integrates with blockchain interface [Bi] plugin\n │ │ │\n │ │ ┌──────┴────────┐ - JSON data schema management and validation (architecture extensible to XML and more)\n │ │ │ json [Jv]│ * JSON Schema validation logic for outbound and inbound messages\n │ │ │ validator │ * Schema propagation\n │ │ └──────┬────────┘ * Integrates with broadcast plugin\n │ │ │\n │ │ ┌──────┴────────┐ - Binary data addressable via ID or Hash\n │ │ │ blobstore [Bs]│ * Integrates with data exchange [Dx] plugin\n │ │ │ │ * Hashes data, and maintains mapping to payload references in blob storage\n │ │ └───────────────┘ * Integrates with blockchain interface [Bi] plugin\n │ │\n │ │ ┌───────────────┐ - Download from shared storage\n │ ├───┤ shared [Sd]│ * Parallel asynchronous download\n │ │ │ download │ * Resilient retry and crash recovery\n │ │ └───────────────┘ * Notification to event aggregator on completion\n │ │\n │ │ ┌───────────────┐\n │ ├───┤ identity [Im] │ - Central identity management service across components\n │ │ │ manager │ * Resolves API input identity + key combos (short names, formatting etc.)\n │ │ │ │ * Resolves registered on-chain signing keys back to identities\n │ │ └───────────────┘ * Integrates with Blockchain Interface and pluggable Identity Interface (TBD)\n │ │\n │ │ ┌───────────────┐ - Keeps track of all operations performed against external components via plugins\n │ ├───┤ operation [Om]│ * Updates database with inputs/outputs\n │ │ │ manager │ * Provides consistent retry semantics across plugins\n │ │ └───────────────┘\n │ │\n │ │ ┌───────────────┐ - Private data management and validation\n │ ├───┤ event [Em]│ * Implements dispatcher for batch component\n │ │ │ manager │ * Integrates with data exchange [Dx] plugin\n │ │ └──────┬────────┘ * Integrates with blockchain interface [Bi] plugin\n │ │ │\n │ │ ┌──────┴────────┐ - Handles incoming external data\n │ │ │ [Ag]│ * Integrates with data exchange [Dx] plugin\n │ │ │ aggregator │ * Integrates with shared storage interface [Ss] plugin\n │ │ │ │ * Integrates with blockchain interface [Bi] plugin\n │ │ │ │ - Ensures valid events are dispatched only once all data is available\n │ │ └──────┬────────┘ * Context aware, to prevent block-the-world scenarios\n │ │ │\n │ │ ┌──────┴────────┐ - Subscription manager\n │ │ │ [Sm]│ * Creation and management of subscriptions\n │ │ │ subscription │ * Creation and management of subscriptions\n │ │ │ manager │ * Message to Event matching logic\n │ │ └──────┬────────┘\n │ │ │\n │ │ ┌──────┴────────┐ - Manages delivery of events to connected applications\n │ │ │ event [Ed]│ * Integrates with data exchange [Dx] plugin\n │ │ │ dispatcher │ * Integrates with blockchain interface [Bi] plugin\n │ │ └───────────────┘\n │ │\n │ │ ┌───────────────┐ - Token creation/transfer initiation, indexing and coordination\n │ ├───┤ asset [Am]│ * Fungible tokens: Digitized value/settlement (coins)\n │ │ │ manager │ * Non-fungible tokens: NFTs / globally uniqueness / digital twins\n │ │ └───────────────┘ * Full indexing of transaction history\n │ │ [REST/WebSockets]\n │ │ ┌─────┴─────────────┐ ┌──────────┐ ┌─ \n │ │ │ ERC-20 / ERC-721 ├───┤ ERC-1155 ├───┤ Simple framework for building token connectors\n │ │ └───────────────────┘ └──────────┘ └─ \n │ │\n │ │ ┌───────────────┐\n │ ├───┤ sync / [Sa] │ - Sync/Async Bridge\n │ │ │ async bridge │ * Provides synchronous request/reply APIs\n │ │ │ │ * Translates to underlying event-driven API\n │ │ └───────────────┘\n │ │\n │ │ ┌───────────────┐ - Aggregates messages and data, with rolled up hashes for pinning\n │ ├───┤ batch [Ba]│ * Pluggable dispatchers\n │ │ │ manager │ - Database decoupled from main-line API processing\n │ │ │ │ * See architecture diagrams for more info on active/active sequencing\n │ │ └──────┬────────┘ - Manages creation of batch processor instances\n │ │ │\n │ │ ┌──────┴────────┐ - Short lived agent spun up to assemble batches on demand\n │ │ │ batch [Bp]│ * Coupled to an author+type of messages\n │ │ │ processor │ - Builds batches of 100s messages for efficient pinning\n │ │ │ │ * Aggregates messages and data, with rolled up hashes for pinning\n │ │ └───────────────┘ - Shuts down automatically after a configurable inactivity period\n │ ... more TBD\n │\nPlugins: Each plugin comprises a Go shim, plus a remote agent microservice runtime (if required)\n │\n │ ┌───────────────┐ - Blockchain Interface\n ├───────────┤ [Bi]│ * Transaction submission - including signing key management\n │ │ blockchain │ * Event listening\n │ │ interface │ * Standardized operations, and custom on-chain coupling\n │ └─────┬─────────┘\n │ │\n │ ├─────────────────────┬───────────────────┬-───────────────────┬-───────────────────┐\n │ ┌─────┴─────────┐ ┌───────┴───────┐ ┌───────┴────────┐ ┌───────┴────────┐ ┌───────┴────────┐\n │ │ ethereum │ │ fabric │ │ corda/cordapps │ │ tezos │ │ cardano │\n │ └─────┬─────────┘ └───────────────┘ └────────────────┘ └────────────────┘ └────────────────┘\n │ [REST/WebSockets]\n │ ┌─────┴────────────────────┐ ┌────────────────────────┐ ┌─ \n │ │ transaction manager [Tm] ├───┤ Connector API [ffcapi] ├───┤ Simple framework for building blockchain connectors\n │ └──────────────────────────┘ └────────────────────────┘ └─ \n │ \n │ ┌───────────────┐ - Token interface\n ├───────────┤ tokens [Ti]│ * Standardizes core concepts: token pools, transfers, approvals\n │ │ interface │ * Pluggable across token standards\n │ └───────────────┘ * Supports simple implementation of custom token standards via microservice connector\n │ [REST/WebSockets]\n │ ┌─────┴─────────────┐ ┌──────────┐ ┌─ \n │ │ ERC-20 / ERC-721 ├───┤ ERC-1155 ├───┤ Simple framework for building token connectors\n │ └───────────────────┘ └──────────┘ └─ \n │\n │ ┌───────────────┐ - P2P Content Addressed Filesystem\n ├───────────┤ shared [Si]│ * Payload upload / download\n │ │ storage │ * Payload reference management\n │ │ interface │\n │ └─────┬─────────┘\n │ │\n │ ├───────── ... extensible to any shared storage system, accessible to all members\n │ ┌─────┴─────────┐\n │ │ ipfs │\n │ └───────────────┘\n │\n │ ┌───────────────┐ - Private Data Exchange\n ├───────────┤ data [Dx]│ * Blob storage\n │ │ exchange │ * Private secure messaging\n │ └─────┬─────────┘ * Secure file transfer\n │ │\n │ ├─────────────────────┬────────── ... extensible to any private data exchange tech\n │ ┌─────┴─────────┐ ┌───────┴───────┐\n │ │ https / MTLS │ │ Kaleido │\n │ └───────────────┘ └───────────────┘\n │\n │ ┌───────────────┐ - API Authentication and Authorization Interface\n ├───────────┤ api auth [Aa]│ * Authenticates security credentials (OpenID Connect id token JWTs etc.)\n │ │ │ * Extracts API/user identity (for identity interface to map)\n │ └─────┬─────────┘ * Enforcement point for fine grained API access control\n │ │\n │ ├─────────────────────┬────────── ... extensible other single sign-on technologies\n │ ┌─────┴─────────┐ ┌───────┴───────┐\n │ │ apikey │ │ jwt │\n │ └───────────────┘ └───────────────┘\n │\n │ ┌───────────────┐ - Database Interactions\n ├───────────┤ database [Di]│ * Create, Read, Update, Delete (CRUD) actions\n │ │ interface │ * Filtering and update definition interface\n │ └─────┬─────────┘ * Migrations and Indexes\n │ │\n │ ├───────── ... extensible to NoSQL (CouchDB / MongoDB etc.)\n │ ┌─────┴─────────┐\n │ │ sqlcommon │\n │ └─────┬─────────┘\n │ ├───────────────────────┬───────── ... extensible other SQL databases\n │ ┌─────┴─────────┐ ┌───────┴────────┐\n │ │ postgres │ │ sqlite3 │\n │ └───────────────┘ └────────────────┘\n │\n │ ┌───────────────┐ - Connects the core event engine to external frameworks and applications\n ├───────────┤ event [Ei]│ * Supports long-lived (durable) and ephemeral event subscriptions\n │ │ interface │ * Batching, filtering, all handled in core prior to transport\n │ └─────┬─────────┘ * Interface supports connect-in (websocket) and connect-out (broker runtime style) plugins\n │ │\n │ ├───────────────────────┬────────── ... extensible to additional event buses (Kafka, NATS, AMQP etc.)\n │ ┌─────┴─────────┐ ┌───────┴────────┐\n │ │ websockets │ │ webhooks │\n │ └───────────────┘ └────────────────┘\n │ ... more TBD\n\n Additional utility frameworks\n ┌───────────────┐ - REST API client\n │ rest [Re]│ * Provides convenience and logging\n │ client │ * Standardizes auth, config and retry logic\n └───────────────┘ * Built on Resty\n\n ┌───────────────┐ - WebSocket client\n │ wsclient [Wc]│ * Provides convenience and logging\n │ │ * Standardizes auth, config and reconnect logic\n └───────────────┘ * Built on Gorilla WebSockets\n\n ┌───────────────┐ - Translation framework\n │ i18n [In]│ * Every translations must be added to `en_translations.json` - with an `FF10101` key\n │ │ * Errors are wrapped, providing extra features from the `errors` package (stack etc.)\n └───────────────┘ * Description translations also supported, such as OpenAPI description\n\n ┌───────────────┐ - Logging framework\n │ log [Lo]│ * Logging framework (logrus) integrated with context based tagging\n │ │ * Context is used throughout the code to pass API invocation context, and logging context\n └───────────────┘ * Example: Every API call has an ID that can be traced, as well as a timeout\n\n ┌───────────────┐ - Configuration\n │ config [Co]│ * File and Environment Variable based logging framework (viper)\n │ │ * Primary config keys all defined centrally\n └───────────────┘ * Plugins integrate by returning their config structure for unmarshaling (JSON tags)\n\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhyperledger-firefly%2Ffirefly","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhyperledger-firefly%2Ffirefly","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhyperledger-firefly%2Ffirefly/lists"}