Contributing

FreedomCore uses a vetted source model. The code is readable by anyone. Contributing requires verified identity.

Why Not Open Source?

Open source has an unsolved problem: trust at the contributor level. The xz backdoor (2024) was a multi-year social engineering attack by a “trusted” anonymous maintainer. Supply chain attacks through package registries are now routine.

FreedomCore is literally a trust platform. The contribution model must reflect that.

Reading the Code

No restrictions. The source is available for inspection, auditing, and security research.

• GitHub: github.com/Acumen-Desktop
• File issues for bugs, security concerns, or feature requests

Contributing Code

Contributions require verified identity through FreedomCore’s trust system:

1. Introduction — an existing trusted member introduces you (same model FreedomCore uses for users)
2. Video handshake — you’re a real person, vouched for by someone with skin in the game
3. Graduated trust — start with documentation, tests, non-critical code. Trust expands with track record.
4. Security-critical access — crypto, certificates, network layer code requires established history

TPA Recipes

The lowest barrier to contributing: TPA recipes. A recipe is a small CSS/JS file that describes how to clean up and bridge a specific third-party web app. No app store approval. No SDK. If you can write CSS and a bit of JS, you can write a recipe.

Recipes don’t touch core code — they run inside the TPA webview sandbox. Recipe contributions are welcome from anyone, regardless of trust level. Share them like bookmarks.

Reporting Security Issues

See Security for responsible disclosure.

License

Source inspection is unrestricted. Redistribution and commercial use require agreement. Forks that strip trust infrastructure or misrepresent the security model are not permitted. License terms are being finalized.