Minor changes to permissionless refactoring

.github/CODEOWNERS

@@ -0,0 +1,3 @@
+# These owners will be the default owners for everything in the repo.
+*       @0xPolygon/dev-tools
+*       @praetoriansentry

.github/workflows/security-build.yml

@@ -0,0 +1,22 @@
+name: Security Build
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch: {}
+  pull_request:
+    types: [opened, synchronize, reopened]
+
+jobs:
+  sonarcloud:
+    name: SonarCloud
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+      - name: SonarCloud Scan
+        uses: SonarSource/sonarcloud-github-action@master
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

cdk/README.org → README.org

@@ -1,11 +1,13 @@
 * Polygon CDK Kurtosis Package
 
+[[file:cdk/docs/architecture.png]]
+
 To get started you'll want to get everything [[https://docs.kurtosis.com/install/][installed]]. Once that's
 good and installed on your system, you can ~cd~ into this directory
 and run:
 
 #+begin_src bash
-kurtosis run --enclave cdk-v1 --args-file cdk-params.yml .
+kurtosis run --enclave cdk-v1 --args-file cdk/params.yml cdk
 #+end_src
 
 This command will take a few minutes but will basically run an entire
@@ -27,14 +29,14 @@ overwhelming. If we want to simply see the port mapping within the
 ~trusted-rpc~ port, we can run this command.
 
 #+begin_src bash
-kurtosis port print cdk-v1 zkevm-node-trusted-rpc-001 http-rpc
+kurtosis port print cdk-v1 zkevm-node-rpc-001 http-rpc
 #+end_src
 
 For the sake of this document, I'm going to map that value to an
 environment variable.
 
 #+begin_src bash
-export ETH_RPC_URL="$(kurtosis port print cdk-v1 zkevm-node-trusted-rpc-001 http-rpc)"
+export ETH_RPC_URL="$(kurtosis port print cdk-v1 zkevm-node-rpc-001 http-rpc)"
 #+end_src
 
 That is the same environment variable that ~cast~ uses, so now I
@@ -82,13 +84,43 @@ container to be able to poke around.
 kurtosis service shell cdk-v1 zkevm-node-sequencer-001
 #+end_src
 
+One of the most common ways to check the status of the system is to
+make sure that batches are going through the normal progression of
+trusted, virtual, and verified:
+
+#+begin_src bash
+cast rpc zkevm_batchNumber
+cast rpc zkevm_virtualBatchNumber
+cast rpc zkevm_verifiedBatchNumber
+#+end_src
+
 When everything is done, you might want to clean up with this command
 which stopps everything and deletes it.
 
 #+begin_src bash
 kurtosis clean -a
 #+end_src
 
+** Permissionless Node
+
+In addition to the core stack, you can also attach and synchronize a
+permissionless node. Of course, you'll need the CDK stack running from
+the previous commands. Assuming that has run and correctly created a
+network, you'll need to pull the genesis file artifact out and add it
+to your ~permissionless-node~ kurtosis package.
+
+#+begin_src bash
+kurtosis files download cdk-v1 zkevm /tmp
+cp /tmp/zkevm/genesis.json permissionless-node/genesis.json
+#+end_src
+
+Now that we have the right genesis file, we can add a permissionless
+node to the ~cdk-v1~ enclave:
+
+#+begin_src bash
+kurtosis run --enclave cdk-v1 --args-file permissionless-node/params.yml permissionless-node
+#+end_src
+
 ** License
 
 Copyright (c) 2024 PT Services DMCC

SECURITY.md

@@ -0,0 +1,17 @@
+# Polygon Technology Security Information
+
+## Link to vulnerability disclosure details (Bug Bounty).
+- Websites and Applications: https://hackerone.com/polygon-technology
+- Smart Contracts: https://immunefi.com/bounty/polygon
+
+## Languages that our team speaks and understands.
+Preferred-Languages: en
+
+## Security-related job openings at Polygon.
+https://polygon.technology/careers
+
+## Polygon security contact details.
+[email protected]
+
+## The URL for accessing the security.txt file.
+Canonical: https://polygon.technology/security.txt