From cc47a99acb3269d19a4e0a5a3b46b3c8ea99bbe0 Mon Sep 17 00:00:00 2001
From: Jon C <me@jonc.dev>
Date: Wed, 29 Nov 2023 18:42:03 +0100
Subject: [PATCH] token-2022: Add security.txt support

---
 Cargo.lock                           |  7 +++++++
 token/program-2022/Cargo.toml        |  1 +
 token/program-2022/src/entrypoint.rs | 16 ++++++++++++++++
 3 files changed, 24 insertions(+)

diff --git a/Cargo.lock b/Cargo.lock
index 11fe2c81e14..ff5034455ce 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -6197,6 +6197,12 @@ dependencies = [
  "syn 2.0.28",
 ]
 
+[[package]]
+name = "solana-security-txt"
+version = "1.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "468aa43b7edb1f9b7b7b686d5c3aeb6630dc1708e86e31343499dd5c4d775183"
+
 [[package]]
 name = "solana-send-transaction-service"
 version = "1.17.6"
@@ -7325,6 +7331,7 @@ dependencies = [
  "solana-program",
  "solana-program-test",
  "solana-sdk",
+ "solana-security-txt",
  "solana-zk-token-sdk",
  "spl-memo 4.0.0",
  "spl-pod 0.1.0",
diff --git a/token/program-2022/Cargo.toml b/token/program-2022/Cargo.toml
index 478fee82a19..0b4604bb867 100644
--- a/token/program-2022/Cargo.toml
+++ b/token/program-2022/Cargo.toml
@@ -24,6 +24,7 @@ num-derive = "0.4"
 num-traits = "0.2"
 num_enum = "0.7.1"
 solana-program = "1.17.6"
+solana-security-txt = "1.1.1"
 solana-zk-token-sdk = "1.17.6"
 spl-memo = { version = "4.0.0", path = "../../memo/program", features = [ "no-entrypoint" ] }
 spl-token = { version = "4.0",  path = "../program", features = ["no-entrypoint"] }
diff --git a/token/program-2022/src/entrypoint.rs b/token/program-2022/src/entrypoint.rs
index 366ee78d012..b25596d507b 100644
--- a/token/program-2022/src/entrypoint.rs
+++ b/token/program-2022/src/entrypoint.rs
@@ -6,6 +6,7 @@ use {
         account_info::AccountInfo, entrypoint::ProgramResult, program_error::PrintProgramError,
         pubkey::Pubkey,
     },
+    solana_security_txt::security_txt,
 };
 
 solana_program::entrypoint!(process_instruction);
@@ -21,3 +22,18 @@ fn process_instruction(
     }
     Ok(())
 }
+
+security_txt! {
+    // Required fields
+    name: "SPL Token-2022",
+    project_url: "https://spl.solana.com/token-2022",
+    contacts: "link:https://github.com/solana-labs/solana-program-library/security/advisories/new,mailto:security@solana.com,discord:https://discord.gg/solana",
+    policy: "https://github.com/solana-labs/solana-program-library/blob/master/SECURITY.md",
+
+    // Optional Fields
+    preferred_languages: "en",
+    source_code: "https://github.com/solana-labs/solana-program-library/tree/master/token/program-2022",
+    source_revision: "79a575fb7af56d26deeda94fef8f55bde7a90df3",
+    source_release: "token-2022-v0.9.0",
+    auditors: "https://github.com/solana-labs/security-audits#token-2022"
+}