{"id":42148675,"url":"https://github.com/meshplus/bitxhub","last_synced_at":"2026-01-26T18:09:19.387Z","repository":{"id":36963720,"uuid":"216151106","full_name":"meshplus/bitxhub","owner":"meshplus","description":"Interchain protocol 跨链协议","archived":false,"fork":false,"pushed_at":"2024-06-03T04:04:10.000Z","size":103794,"stargazers_count":593,"open_issues_count":4,"forks_count":90,"subscribers_count":25,"default_branch":"master","last_synced_at":"2024-06-18T15:24:22.877Z","etag":null,"topics":["blockchain","ibtp","interoperability","relay-chain"],"latest_commit_sha":null,"homepage":"https://bitxhub.cn","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"lgpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/meshplus.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"COPYING","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-10-19T04:53:00.000Z","updated_at":"2024-05-29T07:15:25.000Z","dependencies_parsed_at":"2023-12-06T08:17:05.408Z","dependency_job_id":null,"html_url":"https://github.com/meshplus/bitxhub","commit_stats":{"total_commits":892,"total_committers":33,"mean_commits":27.03030303030303,"dds":0.8195067264573991,"last_synced_commit":"81079b6bb32b6672f1ff00ec5195ce6630bafc82"},"previous_names":[],"tags_count":42,"template":false,"template_full_name":null,"purl":"pkg:github/meshplus/bitxhub","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/meshplus%2Fbitxhub","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/meshplus%2Fbitxhub/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/meshplus%2Fbitxhub/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/meshplus%2Fbitxhub/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/meshplus","download_url":"https://codeload.github.com/meshplus/bitxhub/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/meshplus%2Fbitxhub/sbom","scorecard":{"id":637213,"data":{"date":"2025-08-11","repo":{"name":"github.com/meshplus/bitxhub","commit":"babba6649113ef6c698d3d48ab5d3c09becfc93b"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/build.yml:1","Warn: no topLevel permission defined: .github/workflows/notify.yml:1","Warn: no topLevel permission defined: .github/workflows/release.yml:1","Warn: no topLevel permission defined: .github/workflows/smoke_test.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":4,"reason":"binaries present in source code","details":["Warn: binary detected: build/wasm/lib/darwin-amd64/libwasmer.dylib:1","Warn: binary detected: build/wasm/lib/linux-aarch64/libwasmer.so:1","Warn: binary detected: build/wasm/lib/linux-amd64/libwasmer.so:1","Warn: binary detected: scripts/quick_start/fabric_rule.wasm:1","Warn: binary detected: tester/test_data/fabric_policy.wasm:1","Warn: binary detected: tester/test_data/hpc_rule.wasm:1"],"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: COPYING:0","Info: FSF or OSI recognized license: GNU Lesser General Public License v3.0: COPYING:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v2.8.0 not signed: https://api.github.com/repos/meshplus/bitxhub/releases/89511548","Warn: release artifact v2.6.0 not signed: https://api.github.com/repos/meshplus/bitxhub/releases/85504953","Warn: release artifact v2.5.0 not signed: https://api.github.com/repos/meshplus/bitxhub/releases/81506019","Warn: release artifact v2.3.0 not signed: https://api.github.com/repos/meshplus/bitxhub/releases/82347997","Warn: release artifact v2.0.0 not signed: https://api.github.com/repos/meshplus/bitxhub/releases/73494747","Warn: release artifact v2.8.0 does not have provenance: https://api.github.com/repos/meshplus/bitxhub/releases/89511548","Warn: release artifact v2.6.0 does not have provenance: https://api.github.com/repos/meshplus/bitxhub/releases/85504953","Warn: release artifact v2.5.0 does not have provenance: https://api.github.com/repos/meshplus/bitxhub/releases/81506019","Warn: release artifact v2.3.0 does not have provenance: https://api.github.com/repos/meshplus/bitxhub/releases/82347997","Warn: release artifact v2.0.0 does not have provenance: https://api.github.com/repos/meshplus/bitxhub/releases/73494747"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Pinned-Dependencies","score":2,"reason":"dependency not pinned by hash detected -- score normalized to 2","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/meshplus/bitxhub/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/meshplus/bitxhub/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/meshplus/bitxhub/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/meshplus/bitxhub/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/meshplus/bitxhub/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/meshplus/bitxhub/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/meshplus/bitxhub/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/meshplus/bitxhub/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/meshplus/bitxhub/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/meshplus/bitxhub/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/notify.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/meshplus/bitxhub/notify.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/notify.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/meshplus/bitxhub/notify.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/meshplus/bitxhub/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/meshplus/bitxhub/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/meshplus/bitxhub/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/meshplus/bitxhub/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/meshplus/bitxhub/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/meshplus/bitxhub/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/smoke_test.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/meshplus/bitxhub/smoke_test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/smoke_test.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/meshplus/bitxhub/smoke_test.yml/master?enable=pin","Warn: containerImage not pinned by hash: Dockerfile:1","Warn: containerImage not pinned by hash: Dockerfile:21: pin your Docker image by updating frolvlad/alpine-glibc:glibc-2.32 to frolvlad/alpine-glibc:glibc-2.32@sha256:d53196cea41a79bc3c07659b424b3f187584516c583b3fadaeee1833779bd1ce","Warn: downloadThenRun not pinned by hash: scripts/quick_start/ffn.sh:43","Info:   0 out of  15 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   5 third-party GitHubAction dependencies pinned","Info:   0 out of   2 containerImage dependencies pinned","Info:   3 out of   3 goCommand dependencies pinned","Info:   0 out of   1 downloadThenRun dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"18 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-2326-pfpj-vx3h","Warn: Project is vulnerable to: RUSTSEC-2023-0086","Warn: Project is vulnerable to: GHSA-2gh3-rmm4-6rq5","Warn: Project is vulnerable to: RUSTSEC-2024-0437","Warn: Project is vulnerable to: RUSTSEC-2020-0071 / GHSA-wcg3-cvx6-7396","Warn: Project is vulnerable to: GO-2022-0256 / GHSA-59hh-656j-3p7v","Warn: Project is vulnerable to: GO-2022-0456 / GHSA-wjxw-gh3m-7pm5","Warn: Project is vulnerable to: GO-2023-2046 / GHSA-ppjg-v974-84cm","Warn: Project is vulnerable to: GO-2024-2819 / GHSA-4xc9-8hmq-j652","Warn: Project is vulnerable to: GHSA-5m8f-chrv-7rw5","Warn: Project is vulnerable to: GHSA-pvx3-gm3c-gmpr","Warn: Project is vulnerable to: GHSA-rqmg-hrg4-fm69","Warn: Project is vulnerable to: GHSA-v9jh-j8px-98vq","Warn: Project is vulnerable to: GHSA-vmf7-hmh6-vv57","Warn: Project is vulnerable to: GHSA-vrcc-g6vj-mh5w","Warn: Project is vulnerable to: GO-2022-0322 / GHSA-cg3q-j54f-5p7p","Warn: Project is vulnerable to: GO-2021-0265 / GHSA-ppj4-34rq-v8j9","Warn: Project is vulnerable to: GO-2023-2153 / GHSA-m425-mq94-257g / GHSA-qppj-fm5r-hxr3"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-21T09:33:41.495Z","repository_id":36963720,"created_at":"2025-08-21T09:33:41.496Z","updated_at":"2025-08-21T09:33:41.496Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28784093,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-26T13:55:28.044Z","status":"ssl_error","status_checked_at":"2026-01-26T13:55:26.068Z","response_time":59,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["blockchain","ibtp","interoperability","relay-chain"],"created_at":"2026-01-26T18:09:16.132Z","updated_at":"2026-01-26T18:09:19.382Z","avatar_url":"https://github.com/meshplus.png","language":"Go","funding_links":[],"categories":["Go"],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://raw.githubusercontent.com/meshplus/bitxhub/master/docs/logo.png\" /\u003e\n\u003c/p\u003e\n\n![build](https://github.com/meshplus/bitxhub/workflows/build/badge.svg)\n[![codecov](https://codecov.io/gh/meshplus/bitxhub/branch/master/graph/badge.svg)](https://codecov.io/gh/meshplus/bitxhub)\n[![Go Report Card](https://goreportcard.com/badge/github.com/meshplus/bitxhub)](https://goreportcard.com/report/github.com/meshplus/bitxhub)\n\nBitXHub is committed to building a scalable, robust, and pluggable inter-blockchain\nreference implementation, that can provide reliable technical support for the formation\nof a blockchain internet and intercommunication of value islands.\n\n**For more details please visit our [documentation](https://docs.bitxhub.cn/) and [whitepaper](https://upload.hyperchain.cn/BitXHub%20Whitepaper.pdf) | [白皮书](https://upload.hyperchain.cn/BitXHub%E7%99%BD%E7%9A%AE%E4%B9%A6.pdf).**\n\n## Start\n\nBitXHub start script relies on [golang](https://golang.org/) and [tmux](https://github.com/tmux/tmux/wiki). Please\ninstall the software before start.\n\nUse commands below to clone the project:\n\n```shell\ngit clone git@github.com:meshplus/bitxhub.git\n```\n\nBitXHub also relies on some small tools, use commands below to install:\n\n```shell\ncd bitxhub\nbash scripts/prepare.sh \n```\n\nFinally, run the following commands to start a four nodes relay-chain.\n\n```shell\nmake cluster\n```\n\n**Noting:** `make cluster` will use `tmux` to split the screen. Thus, during commands processing, better not switch the terminal.\n\n## Playground\nSimply go to [BitXHub Document](https://meshplus.github.io/bitxhub/bitxhub/quick_start/) and follow the tutorials.\n\n\n## Contributing\n\nSee [CONTRIBUTING.md](https://github.com/meshplus/bitxhub/blob/master/CONTRIBUTING.md).\n\n## Contact\n\nEmail: bitxhub@hyperchain.cn\n\nWechat: If you‘re interested in BitXHub, please add the assistant to join our community group.\n\n\u003cimg src=\"https://raw.githubusercontent.com/meshplus/bitxhub/master/docs/wechat.png\" width=\"200\" /\u003e\u003cimg src=\"https://raw.githubusercontent.com/meshplus/bitxhub/master/docs/official.png\" width=\"206\" /\u003e\n\n## License\n\nThe BitXHub library (i.e. all code outside of the cmd and internal directory) is licensed under the GNU Lesser General Public License v3.0, also included in our repository in the COPYING.LESSER file.\n\nThe BitXHub binaries (i.e. all code inside of the cmd and internal directory) is licensed under the GNU General Public License v3.0, also included in our repository in the COPYING file.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmeshplus%2Fbitxhub","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmeshplus%2Fbitxhub","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmeshplus%2Fbitxhub/lists"}