{"id":13729934,"url":"https://github.com/status-im/nimbus-eth1","last_synced_at":"2026-05-20T10:01:33.397Z","repository":{"id":36952643,"uuid":"116221698","full_name":"status-im/nimbus-eth1","owner":"status-im","description":"Nimbus: an Ethereum Execution Client for Resource-Restricted Devices","archived":false,"fork":false,"pushed_at":"2026-04-29T13:16:36.000Z","size":84257,"stargazers_count":626,"open_issues_count":119,"forks_count":154,"subscribers_count":70,"default_branch":"master","last_synced_at":"2026-04-29T13:33:09.284Z","etag":null,"topics":["android","blockchain","ethereum","hacktoberfest","ios","mobile","nim","nim-lang","nim-language","nimbus","portal-network","raspberry-pi"],"latest_commit_sha":null,"homepage":"https://status-im.github.io/nimbus-eth1/","language":"Nim","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/status-im.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE-APACHEv2","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2018-01-04T06:08:23.000Z","updated_at":"2026-04-29T11:47:48.000Z","dependencies_parsed_at":"2023-01-17T07:46:45.452Z","dependency_job_id":"c19c7758-24db-497d-869b-468c475941d1","html_url":"https://github.com/status-im/nimbus-eth1","commit_stats":null,"previous_names":["status-im/nimbus"],"tags_count":8,"template":false,"template_full_name":null,"purl":"pkg:github/status-im/nimbus-eth1","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/status-im%2Fnimbus-eth1","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/status-im%2Fnimbus-eth1/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/status-im%2Fnimbus-eth1/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/status-im%2Fnimbus-eth1/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/status-im","download_url":"https://codeload.github.com/status-im/nimbus-eth1/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/status-im%2Fnimbus-eth1/sbom","scorecard":{"id":320408,"data":{"date":"2025-08-11","repo":{"name":"github.com/status-im/nimbus-eth1","commit":"166d9dc744f56ac4c8c5bced5762dee0201b2951"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":5,"checks":[{"name":"Code-Review","score":3,"reason":"Found 11/30 approved changesets -- score normalized to 3","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE-APACHEv2:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE-APACHEv2:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact nightly not signed: https://api.github.com/repos/status-im/nimbus-eth1/releases/240427402","Warn: release artifact nightly does not have provenance: https://api.github.com/repos/status-im/nimbus-eth1/releases/240427402"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/build_base_image.yml:1","Warn: no topLevel permission defined: .github/workflows/ci.yml:1","Warn: no topLevel permission defined: .github/workflows/kurtosis.yml:1","Warn: no topLevel permission defined: .github/workflows/matrix_config.yml:1","Warn: no topLevel permission defined: .github/workflows/nightly_build.yml:1","Warn: no topLevel permission defined: .github/workflows/nimbus_docker_build.yml:1","Warn: no topLevel permission defined: .github/workflows/nimbus_verified_proxy.yml:1","Warn: no topLevel permission defined: .github/workflows/portal.yml:1","Warn: topLevel 'contents' permission set to 'write': .github/workflows/portal_docs.yml:19","Warn: no topLevel permission defined: .github/workflows/portal_nightly_docker.yml:1","Warn: no topLevel permission defined: .github/workflows/release.yml:1","Warn: no topLevel permission defined: .github/workflows/simulators.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/nimbus_docker_build.yml:30"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Info: Possibly incomplete results: error parsing shell code: parameter expansion requires a literal: env.sh:0","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_base_image.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/build_base_image.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_base_image.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/build_base_image.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_base_image.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/build_base_image.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_base_image.yml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/build_base_image.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build_base_image.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/build_base_image.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build_base_image.yml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/build_base_image.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build_base_image.yml:106: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/build_base_image.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:119: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/ci.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/kurtosis.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/kurtosis.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/kurtosis.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/kurtosis.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/kurtosis.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/kurtosis.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/kurtosis.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/kurtosis.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/kurtosis.yml:257: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/kurtosis.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/matrix_config.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/matrix_config.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightly_build.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/nightly_build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightly_build.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/nightly_build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightly_build.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/nightly_build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightly_build.yml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/nightly_build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightly_build.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/nightly_build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/nightly_build.yml:116: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/nightly_build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/nightly_build.yml:130: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/nightly_build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/nimbus_docker_build.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/nimbus_docker_build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nimbus_docker_build.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/nimbus_docker_build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/nimbus_docker_build.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/nimbus_docker_build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/nimbus_docker_build.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/nimbus_docker_build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/nimbus_docker_build.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/nimbus_docker_build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nimbus_docker_build.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/nimbus_docker_build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nimbus_docker_build.yml:103: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/nimbus_docker_build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/nimbus_docker_build.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/nimbus_docker_build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/nimbus_docker_build.yml:116: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/nimbus_docker_build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/nimbus_docker_build.yml:120: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/nimbus_docker_build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nimbus_verified_proxy.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/nimbus_verified_proxy.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nimbus_verified_proxy.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/nimbus_verified_proxy.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/portal.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/portal.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/portal.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/portal.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/portal.yml:128: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/portal.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/portal.yml:185: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/portal.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/portal_docs.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/portal_docs.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/portal_docs.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/portal_docs.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/portal_docs.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/portal_docs.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/portal_nightly_docker.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/portal_nightly_docker.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/portal_nightly_docker.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/portal_nightly_docker.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:115: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:142: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:157: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/simulators.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/simulators.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/simulators.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/simulators.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/simulators.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/simulators.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/simulators.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/simulators.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/simulators.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/simulators.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/simulators.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/status-im/nimbus-eth1/simulators.yml/master?enable=pin","Warn: containerImage not pinned by hash: Dockerfile:11","Warn: containerImage not pinned by hash: Dockerfile:29","Warn: containerImage not pinned by hash: Dockerfile.debug:8","Warn: containerImage not pinned by hash: Dockerfile.debug:34","Warn: containerImage not pinned by hash: docker/dist/Dockerfile.macos-arm64:16: pin your Docker image by updating ubuntu:24.04 to ubuntu:24.04@sha256:7c06e91f61fa88c08cc74f7e1b7c69ae24910d745357e0dfe1d2c0322aaf20f9","Warn: containerImage not pinned by hash: docker/dist/base_image/Dockerfile.linux-amd64:19: pin your Docker image by updating ubuntu:22.04 to ubuntu:22.04@sha256:1aa979d85661c488ce030ac292876cf6ed04535d3a237e49f61542d8e5de5ae0","Warn: containerImage not pinned by hash: docker/dist/base_image/Dockerfile.linux-arm64:19: pin your Docker image by updating ubuntu:22.04 to ubuntu:22.04@sha256:1aa979d85661c488ce030ac292876cf6ed04535d3a237e49f61542d8e5de5ae0","Warn: containerImage not pinned by hash: docker/dist/base_image/Dockerfile.macos-arm64:29","Warn: containerImage not pinned by hash: docker/dist/base_image/Dockerfile.macos-arm64:36","Warn: containerImage not pinned by hash: docker/dist/base_image/Dockerfile.macos-arm64:44","Warn: containerImage not pinned by hash: docker/dist/base_image/Dockerfile.macos-arm64:76","Warn: containerImage not pinned by hash: docker/dist/base_image/Dockerfile.windows-amd64:19: pin your Docker image by updating ubuntu:22.04 to ubuntu:22.04@sha256:1aa979d85661c488ce030ac292876cf6ed04535d3a237e49f61542d8e5de5ae0","Warn: containerImage not pinned by hash: docker/dist/binaries/Dockerfile.linux-amd64:11: pin your Docker image by updating debian:bullseye-slim to debian:bullseye-slim@sha256:849d9d34d5fe0bf88b5fb3d09eb9684909ac4210488b52f4f7bbe683eedcb851","Warn: containerImage not pinned by hash: docker/dist/binaries/Dockerfile.linux-arm64:11: pin your Docker image by updating arm64v8/debian:bullseye-slim to arm64v8/debian:bullseye-slim@sha256:7769b9cd6a654066da8a394e6aa37d503577f56c9617d2c5ee334f3717fef1b6","Warn: containerImage not pinned by hash: hive_integration/nimbus/Dockerfile:14","Warn: containerImage not pinned by hash: hive_integration/nimbus/Dockerfile:35","Warn: containerImage not pinned by hash: portal/docker/Dockerfile:8","Warn: containerImage not pinned by hash: portal/docker/Dockerfile:33","Warn: containerImage not pinned by hash: portal/docker/Dockerfile.debug:8","Warn: containerImage not pinned by hash: portal/docker/Dockerfile.debug:36","Warn: containerImage not pinned by hash: portal/docker/Dockerfile.debug.linux:8: pin your Docker image by updating debian:stable-slim to debian:stable-slim@sha256:8810492a2dd16b7f59239c1e0cc1e56c1a1a5957d11f639776bd6798e795608b","Warn: containerImage not pinned by hash: portal/tools/utp_testing/docker/Dockerfile:11","Warn: containerImage not pinned by hash: portal/tools/utp_testing/docker/Dockerfile:31","Warn: pipCommand not pinned by hash: .github/workflows/portal_docs.yml:36","Info:   0 out of  37 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of  19 third-party GitHubAction dependencies pinned","Info:   4 out of  27 containerImage dependencies pinned","Info:   0 out of   1 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-18T01:13:01.287Z","repository_id":36952643,"created_at":"2025-08-18T01:13:01.287Z","updated_at":"2025-08-18T01:13:01.287Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32490852,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-30T13:12:12.517Z","status":"online","status_checked_at":"2026-05-01T02:00:05.856Z","response_time":64,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["android","blockchain","ethereum","hacktoberfest","ios","mobile","nim","nim-lang","nim-language","nimbus","portal-network","raspberry-pi"],"created_at":"2024-08-03T02:01:07.731Z","updated_at":"2026-05-01T09:06:52.637Z","avatar_url":"https://github.com/status-im.png","language":"Nim","funding_links":[],"categories":["Misc","Algorithms","Nim","Web 3.0"],"sub_categories":["Validator Clients","Blockchain"],"readme":"# Nimbus: ultra-light Ethereum execution layer client\n[![License: Apache](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)\n[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT)\n[![GH action-nimbus-eth1](https://github.com/status-im/nimbus-eth1/actions/workflows/ci.yml/badge.svg)](https://github.com/status-im/nimbus-eth1/actions/workflows/ci.yml)\n[![GH action-portal](https://github.com/status-im/nimbus-eth1/actions/workflows/portal.yml/badge.svg)](https://github.com/status-im/nimbus-eth1/actions/workflows/portal.yml)\n\n[![Discord: Nimbus](https://img.shields.io/badge/discord-nimbus-orange.svg)](https://discord.gg/XRxWahP)\n[![Status: #nimbus-general](https://img.shields.io/badge/status-nimbus--general-orange.svg)](https://get.status.im/chat/public/nimbus-general)\n\n## Introduction\n\nThis repository contains development work on an execution-layer client to pair with [our consensus-layer client](https://github.com/status-im/nimbus-eth2). This client focuses on efficiency and security and strives to be as light-weight as possible in terms of resources used.\n\nThis repository is also home to:\n-  [Nimbus Portal client](./portal/README.md), a\n[Portal Network](https://github.com/ethereum/portal-network-specs/tree/master)\nlight client.\n- [Nimbus Verified Proxy](./nimbus_verified_proxy/README.md)\n\nAll consensus-layer client development is happening in parallel in the\n[nimbus-eth2](https://github.com/status-im/nimbus-eth2) repository.\n\n## Development Updates\n\nFor more detailed write-ups on the development progress, follow the\n[Nimbus blog](https://blog.nimbus.team/).\n\n## Building \u0026 Testing\n\n### Prerequisites\n\n* GNU Make, Bash and the usual POSIX utilities. Git 2.9.4 or newer.\n\n#### Obtaining the prerequisites through the Nix package manager\n\n*Experimental*\n\nUsers of the [Nix package manager](https://nixos.org/nix/download.html) can install all prerequisites simply by running:\n\n``` bash\nnix-shell default.nix\n```\n\n### Build \u0026 Develop\n\n#### POSIX-compatible OS\n\n```bash\n# The first `make` invocation will update all Git submodules.\n# You'll run `make update` after each `git pull`, in the future, to keep those submodules up to date.\n# Assuming you have 4 CPU cores available, you can ask Make to run 4 parallel jobs, with \"-j4\".\n\nmake -j4 nimbus_execution_client\n\n# See available command line options\nbuild/nimbus_execution_client --help\n\n# Start syncing with mainnet\nbuild/nimbus_execution_client\n\n# Update to latest version\ngit pull \u0026\u0026 make update\n# Build the newly downloaded version\nmake -j4 nimbus_execution_client\n\n# Run tests\nmake test\n```\n\nTo run a command that might use binaries from the Status Nim fork:\n```bash\n./env.sh bash # start a new interactive shell with the right env vars set\nwhich nim\nnim --version\n\n# or without starting a new interactive shell:\n./env.sh which nim\n./env.sh nim --version\n```\n\n#### Windows\n\n_(Experimental support!)_\n\nInstall Mingw-w64 for your architecture using the \"[MinGW-W64 Online\nInstaller](https://sourceforge.net/projects/mingw-w64/files/)\" (first link\nunder the directory listing). Run it and select your architecture in the setup\nmenu (\"i686\" on 32-bit, \"x86\\_64\" on 64-bit), set the threads to \"win32\" and\nthe exceptions to \"dwarf\" on 32-bit and \"seh\" on 64-bit. Change the\ninstallation directory to \"C:\\mingw-w64\" and add it to your system PATH in \"My\nComputer\"/\"This PC\" -\u003e Properties -\u003e Advanced system settings -\u003e Environment\nVariables -\u003e Path -\u003e Edit -\u003e New -\u003e C:\\mingw-w64\\mingw64\\bin (it's \"C:\\mingw-w64\\mingw32\\bin\" on 32-bit)\n\nInstall [Git for Windows](https://gitforwindows.org/) and use it to clone Nimbus.\n\nInstall [cmake](https://cmake.org/).\n\nAfter adding the Git bin directory to your path open a \"Git Bash\" shell:\n```bash\nbash\n```\n\nAfter installing Mingw-w64 and adding it to your path you should have the `mingw32-make` tool available. Next create a link from `make` to `mingw32-make`:\n\n```bash\nln -s mingw32-make.exe make.exe\n```\n\nYou can now follow those instructions in the previous section. For example:\n\n```bash\nmake nimbus_execution_client # build the Nimbus execution client binary\nmake test # run the test suite\n# etc.\n```\n\n#### Raspberry PI\n\n*Experimental* The code can be compiled on a Raspberry PI:\n\n* Raspberry Pi 4+\n* 64GB SD Card (less might work too, but the default recommended 4-8GB will probably be too small)\n* [Rasbian Buster Lite](https://www.raspberrypi.org/downloads/raspbian/) - Lite version is enough to get going and will save some disk space!\n\nAssuming you're working with a freshly written image:\n\n```bash\n\n# Start by increasing swap size to 2gb:\nsudo vi /etc/dphys-swapfile\n# Set CONF_SWAPSIZE=2048\n# :wq\nsudo reboot\n\n# Install prerequisites\nsudo apt-get install git libgflags-dev libsnappy-dev\n\nmkdir status\ncd status\n\n# Raspberry pi doesn't include /usr/local/lib in library search path - need to add\nexport LD_LIBRARY_PATH=/usr/local/lib:$LD_LIBRARY_PATH\n\ngit clone https://github.com/status-im/nimbus-eth1.git\n\ncd nimbus-eth1\n\n# Follow instructions above!\n```\n\n#### Android\n\n*Experimental* Code can be compiled and run on Android devices\n\n##### Environment setup\n\n* Install the [Termux](https://termux.com) app from FDroid or the Google Play store\n* Install a [PRoot](https://wiki.termux.com/wiki/PRoot) of your choice following the instructions for your preferred distribution.\nNote, the Ubuntu PRoot is known to contain all Nimbus prerequisites compiled on Arm64 architecture (common architecture for Android devices).  Depending on the distribution, it may require effort beyond the scope of this guide to get all prerequisites.\n\n*Assuming Ubuntu PRoot is used*\n\n```bash\n# Install prerequisites\napt install git make gcc\n\n# Clone repo and build Nimbus just like above\ngit clone https://github.com/status-im/nimbus-eth1.git\n\ncd nimbus-eth1\n\nmake update\n\nmake nimbus_execution_client\n\nbuild/nimbus_execution_client\n```\n### \u003ca name=\"make-xvars\"\u003e\u003c/a\u003eExperimental make variables\n\nApart from standard Make flags (see link in the next [chapter](#devel-tips)),\nthe following Make variables can be set to control which version of a virtual\nengine is compiled. The variables are listed with decreasing priority (in\ncase of doubt, the lower prioritised variable is ignored when the higher on is\navailable.)\n\n * BOEHM_GC=1\u003cbr\u003e\n   Change garbage collector to `boehm`. This might help debugging in certain\n   cases when the `gc` is involved in a memory corruption or corruption\n   camouflage.\n\n * ENABLE_LINE_NUMBERS=1\u003cbr\u003e\n   Enables logger to print out source code location with log message\n\nFor these variables, using \u0026lt;variable\u0026gt;=0 is ignored and \u0026lt;variable\u0026gt;=2\nhas the same effect as \u0026lt;variable\u0026gt;=1 (ditto for other numbers.)\n\n### \u003ca name=\"devel-tips\"\u003e\u003c/a\u003eDevelopment tips\n\nInteresting Make variables and targets are documented in the [nimbus-build-system](https://github.com/status-im/nimbus-build-system) repo.\n\n- you can control the Makefile's verbosity with the V variable (defaults to 0):\n\n```bash\nmake V=1 # verbose\nmake V=2 test # even more verbose\n```\n\n- same for the [Chronicles log level](https://github.com/status-im/nim-chronicles#chronicles_log_level):\n\n```bash\nmake LOG_LEVEL=DEBUG nimbus_execution_client # this is the default\nmake LOG_LEVEL=TRACE nimbus_execution_client # log everything\n```\n\n- pass arbitrary parameters to the Nim compiler:\n\n```bash\nmake NIMFLAGS=\"-d:release\"\n```\n\n- if you want to use SSH keys with GitHub (also handles submodules):\n\n```bash\nmake github-ssh\n```\n\n- force a Nim compiler rebuild:\n\n```bash\nrm vendor/Nim/bin/nim\nmake -j8 build-nim\n```\n\n#### Git submodule workflow\n\nWorking on a dependency:\n\n```bash\ncd vendor/nim-chronicles\ngit checkout -b mybranch\n# make some changes\ngit status\ngit commit -a\ngit push origin mybranch\n# create a GitHub PR and wait for it to be approved and merged\ngit checkout master\ngit pull\ngit branch -d mybranch\n# realise that the merge was done without \"--no-ff\"\ngit branch -D mybranch\n# update the submodule's commit in the superproject\ncd ../..\ngit status\ngit add vendor/nim-chronicles\ngit commit\n```\n\nIt's important that you only update the submodule commit after it's available upstream.\n\nYou might want to do this on a new branch of the superproject, so you can make\na GitHub PR for it and see the CI test results.\n\nDon't update all Git submodules at once, just because you found the relevant\nGit command or `make` target. You risk updating submodules to other people's\nlatest commits when they are not ready to be used in the superproject.\n\nAdding the submodule \"https://github.com/status-im/foo\" to \"vendor/foo\":\n\n```bash\ngit submodule add --force https://github.com/status-im/foo.git \"vendor/foo\"\ngit config -f .gitmodules submodule.vendor.foo.ignore untracked\n```\n\nRemoving the submodule \"vendor/bar\":\n\n```bash\ngit submodule deinit -f -- vendor/bar\ngit rm -f vendor/bar\n```\n\nChecking out older commits, either to bisect something or to reproduce an older build:\n\n```bash\ngit checkout \u003ccommit hash here\u003e\nmake clean\nmake -j8 update\n```\n\nRunning a dependency's test suite using `nim` instead of `nimble` (which cannot be\nconvinced not to run a dependency check, thus clashing with our jury-rigged\n\"vendor/.nimble/pkgs\"):\n\n```bash\ncd vendor/nim-rocksdb\n../nimbus-build-system/scripts/nimble.sh test\n# or\n../../env.sh nimble test\n```\n\n### Metric visualisation\n\nInstall Prometheus and Grafana. On Gentoo, it's `emerge prometheus grafana-bin`.\n\n```bash\n# build Nimbus execution client\nmake nimbus_execution_client\n# the Prometheus daemon will create its data dir in the current dir, so give it its own directory\nmkdir ../my_metrics\n# copy the basic config file over there\ncp -a metrics/prometheus.yml ../my_metrics/\n# start Prometheus in a separate terminal\ncd ../my_metrics\nprometheus --config.file=prometheus.yml # loads ./prometheus.yml, writes metric data to ./data\n# start a fresh Nimbus sync and export metrics\nrm -rf ~/.cache/execution_chain/db; ./build/nimbus_execution_client --metrics:true\n```\n\nStart the Grafana server. On Gentoo it's `/etc/init.d/grafana start`. Go to\nhttp://localhost:3000, log in with admin:admin and change the password.\n\nAdd Prometheus as a data source. The default address of http://localhost:9090\nis OK, but Grafana 6.3.5 will not apply that semitransparent default you see in\nthe form field, unless you click on it.\n\nCreate a new dashboard. Click on its default title in the upper left corner\n(\"New Dashboard\"). In the new page, click \"Import dashboard\" in the right\ncolumn and upload \"metrics/grafana/grafana.infra.status.im.json\".\n\nIn the main panel, there's a hidden button used to assign metrics to the left\nor right Y-axis - it's the coloured line on the left of the metric name, in the\ngraph legend.\n\nTo see a single metric, click on its name in the legend. Click it again to go back\nto the combined view. To edit a panel, click on its title and select \"Edit\".\n\n[Obligatory screenshot.](https://i.imgur.com/AdtavDA.png)\n\n### Troubleshooting\n\nReport any errors you encounter, please, if not [already documented](https://github.com/status-im/nimbus-eth1/issues)!\n\n* Turn it off and on again:\n\n```bash\nmake clean\nmake update\n```\n\n## License\n\nLicensed and distributed under either of\n\n* MIT license: [LICENSE-MIT](LICENSE-MIT) or https://opensource.org/licenses/MIT\n\nor\n\n* Apache License, Version 2.0, ([LICENSE-APACHEv2](LICENSE-APACHEv2) or https://www.apache.org/licenses/LICENSE-2.0)\n\nat your option. These files may not be copied, modified, or distributed except according to those terms.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstatus-im%2Fnimbus-eth1","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fstatus-im%2Fnimbus-eth1","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstatus-im%2Fnimbus-eth1/lists"}