Merge pull request #296 from SmartContractSecurity/chaals-patch-1

Update README.md
SmartContractSecurity · Jul 1, 2024 · a8befc2 · a8befc2
2 parents 15f789d + 3c23d04
commit a8befc2
Showing 1 changed file with 10 additions and 5 deletions.
diff --git a/README.md b/README.md
@@ -5,23 +5,28 @@ to enhance or clarify the status of the current content, and pointers will be ad
 [EEA EthTrust Security Levels Specification](https://entethalliance.org/specs/ethtrust-sl/), new SWCs are no longer being added,
 and readers should check external sources to clarify the relevance of existing content.
 
-All the work in here was incorporated into the **[EEA EthTrust Security Levels specification v1](https://entethalliance.org/specs/ethtrust-sl)**. 
+All the vulnerabilities described in this repository were incorporated into version 1 of the **[EEA EthTrust Security Levels specification](https://entethalliance.org/specs/ethtrust-sl)**, published in August 2022
 
 The [EEA EthTrust Security Levels](https://entethalliance.org/groups/ethtrust) project is actively maintained. 
-The **[Editor's draft for a new version](https://entethalliance.github.io/eta-registry/security-levels-spec.html)** is publicly available,
-is updated roughly every two weeks, and a formal release is expected to be published in Q4 2023 as version 2 of the specification.
+The **[Editor's draft for a new version](https://entethalliance.github.io/eta-registry/security-levels-spec.html)** is publicly available.
+
+[EthTrust Security Leveles Version 2](https://entethalliance.org/specs/ethtrust-sl/v2) was published in December 2023, with publication of version 3 expected in early 2025.
+
+Another project that has been maintained over a number of years is the [Smart Contrat Security Verification Standard](https://github.com/ComposableSecurity/SCSVS).
+
+The EthTrust specification is specific to Solidity code, and aims to comprehensively identify vulnerabilities that need to be checked for, and if present eliminated. The SCSVS is a more general development guideline for security testing and remediation, applicable to a large range of projects.
 
 # Smart Contract Weakness Classification Registry
 
 The Smart Contract Weakness Classification Registry (SWC Registry) is an implementation of the weakness classification scheme proposed in [EIP-1470](https://github.com/ethereum/EIPs/issues/1469). It is loosely aligned to the terminologies and structure used in the Common Weakness Enumeration ([CWE](https://cwe.mitre.org)) while overlaying a wide range of weakness variants that are specific to smart contracts.
 
-The goals of this project are as follows:
+The goals of this project were as follows:
 
 - Provide a straightforward way to classify security issues in smart contract systems.
 - Define a common language for describing security issues in smart contract systems' architecture, design, or code.
 - Serve as a way to train and increase performance for smart contract security analysis tools.
 
-## New SWC entries are not added since 2020
+## New SWC entries have not not been added since 2020
 
 
 ### Scope of Weaknesses