Regen docsite

docs/build/html/secure-coding-guidelines.html

@@ -85,21 +85,32 @@
           
             
             
-                <p class="caption"><span class="caption-text">Overview</span></p>
+                <p class="caption"><span class="caption-text">Getting started</span></p>
 <ul>
 <li class="toctree-l1"><a class="reference internal" href="inthebox.html">What&#8217;s included?</a></li>
 <li class="toctree-l1"><a class="reference internal" href="getting-set-up.html">Getting set up</a></li>
+<li class="toctree-l1"><a class="reference internal" href="running-the-demos.html">Running the demos</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Key concepts</span></p>
+<ul>
 <li class="toctree-l1"><a class="reference internal" href="data-model.html">Data model</a></li>
 <li class="toctree-l1"><a class="reference internal" href="transaction-data-types.html">Data types</a></li>
 <li class="toctree-l1"><a class="reference internal" href="merkle-trees.html">Transaction Tear-offs</a></li>
 <li class="toctree-l1"><a class="reference internal" href="consensus.html">Consensus model</a></li>
+</ul>
+<p class="caption"><span class="caption-text">The Corda node</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="clientrpc.html">Client RPC</a></li>
 <li class="toctree-l1"><a class="reference internal" href="messaging.html">Networking and messaging</a></li>
 <li class="toctree-l1"><a class="reference internal" href="persistence.html">Persistence</a></li>
-<li class="toctree-l1"><a class="reference internal" href="creating-a-cordapp.html">Creating a Cordapp</a></li>
-<li class="toctree-l1"><a class="reference internal" href="creating-a-cordapp.html#gradle-plugins-for-cordapps">Gradle Plugins for Cordapps</a></li>
-<li class="toctree-l1"><a class="reference internal" href="running-the-demos.html">Running the demos</a></li>
 <li class="toctree-l1"><a class="reference internal" href="node-administration.html">Node administration</a></li>
 <li class="toctree-l1"><a class="reference internal" href="corda-configuration-files.html">The Corda Configuration File</a></li>
+<li class="toctree-l1"><a class="reference internal" href="node-services.html">A Brief Introduction To The Node Services</a></li>
+</ul>
+<p class="caption"><span class="caption-text">CorDapps</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="creating-a-cordapp.html">Creating a Cordapp</a></li>
+<li class="toctree-l1"><a class="reference internal" href="creating-a-cordapp.html#gradle-plugins-for-cordapps">Gradle Plugins for Cordapps</a></li>
 </ul>
 <p class="caption"><span class="caption-text">Tutorials</span></p>
 <ul>
@@ -108,37 +119,40 @@
 <li class="toctree-l1"><a class="reference internal" href="tutorial-contract-clauses.html">Writing a contract using clauses</a></li>
 <li class="toctree-l1"><a class="reference internal" href="tutorial-test-dsl.html">Writing a contract test</a></li>
 <li class="toctree-l1"><a class="reference internal" href="tutorial-clientrpc-api.html">Client RPC API Tutorial</a></li>
-<li class="toctree-l1"><a class="reference internal" href="protocol-state-machines.html">Protocol state machines</a></li>
+<li class="toctree-l1"><a class="reference internal" href="flow-state-machines.html">Flow state machines</a></li>
 <li class="toctree-l1"><a class="reference internal" href="oracles.html">Writing oracle services</a></li>
 <li class="toctree-l1"><a class="reference internal" href="tutorial-attachments.html">Using attachments</a></li>
 <li class="toctree-l1"><a class="reference internal" href="event-scheduling.html">Event scheduling</a></li>
 </ul>
-<p class="caption"><span class="caption-text">Contracts</span></p>
+<p class="caption"><span class="caption-text">Other</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="network-simulator.html">Network Simulator</a></li>
+<li class="toctree-l1"><a class="reference internal" href="node-explorer.html">Node Explorer</a></li>
+<li class="toctree-l1"><a class="reference internal" href="initial-margin-agreement.html">Initial Margin Agreements</a></li>
+</ul>
+<p class="caption"><span class="caption-text">Component library</span></p>
 <ul>
 <li class="toctree-l1"><a class="reference internal" href="contract-catalogue.html">Contract catalogue</a></li>
 <li class="toctree-l1"><a class="reference internal" href="contract-irs.html">Interest Rate Swaps</a></li>
-<li class="toctree-l1"><a class="reference internal" href="initialmarginagreement.html">Initial Margin Agreements</a></li>
-</ul>
-<p class="caption"><span class="caption-text">Node API</span></p>
-<ul>
-<li class="toctree-l1"><a class="reference internal" href="clientrpc.html">Client RPC</a></li>
 </ul>
 <p class="caption"><span class="caption-text">Appendix</span></p>
 <ul class="current">
 <li class="toctree-l1"><a class="reference internal" href="loadtesting.html">Load testing</a></li>
 <li class="toctree-l1 current"><a class="current reference internal" href="#">Secure coding guidelines</a><ul>
-<li class="toctree-l2"><a class="reference internal" href="#protocols">Protocols</a></li>
+<li class="toctree-l2"><a class="reference internal" href="#flows">Flows</a></li>
 <li class="toctree-l2"><a class="reference internal" href="#contracts">Contracts</a></li>
 </ul>
 </li>
 <li class="toctree-l1"><a class="reference internal" href="release-process.html">Release process</a></li>
 <li class="toctree-l1"><a class="reference internal" href="release-process.html#steps-to-cut-a-release">Steps to cut a release</a></li>
 <li class="toctree-l1"><a class="reference internal" href="release-notes.html">Release notes</a></li>
-<li class="toctree-l1"><a class="reference internal" href="network-simulator.html">Network Simulator</a></li>
-<li class="toctree-l1"><a class="reference internal" href="node-explorer.html">Node Explorer</a></li>
 <li class="toctree-l1"><a class="reference internal" href="codestyle.html">Code style guide</a></li>
 <li class="toctree-l1"><a class="reference internal" href="building-the-docs.html">Building the documentation</a></li>
 </ul>
+<p class="caption"><span class="caption-text">Glossary</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="glossary.html">Glossary</a></li>
+</ul>
 
             
           
@@ -187,19 +201,19 @@
 <p>The platform does what it can to be secure by default and safe by design. Unfortunately the platform cannot
 prevent every kind of security mistake. This document describes what to think about when writing applications
 to block various kinds of attack. Whilst it may be tempting to just assume no reasonable counterparty would
-attempt to subvert your trades using protocol level attacks, relying on trust for software security makes it
+attempt to subvert your trades using flow level attacks, relying on trust for software security makes it
 harder to scale up your operations later when you might want to add counterparties quickly and without
 extensive vetting.</p>
-<div class="section" id="protocols">
-<h2>Protocols<a class="headerlink" href="#protocols" title="Permalink to this headline">¶</a></h2>
-<p><a class="reference internal" href="protocol-state-machines.html"><span class="doc">Protocol state machines</span></a> are how your app communicates with other parties on the network. Therefore they
+<div class="section" id="flows">
+<h2>Flows<a class="headerlink" href="#flows" title="Permalink to this headline">¶</a></h2>
+<p><a class="reference internal" href="flow-state-machines.html"><span class="doc">Flow state machines</span></a> are how your app communicates with other parties on the network. Therefore they
 are the typical entry point for malicious data into your app and must be treated with care.</p>
 <p>The <code class="docutils literal"><span class="pre">receive</span></code> methods return data wrapped in the <code class="docutils literal"><span class="pre">UntrustworthyData&lt;T&gt;</span></code> marker type. This type doesn&#8217;t add
 any functionality, it&#8217;s only there to remind you to properly validate everything that you get from the network.
-Remember that the other side may <em>not</em> be running the code you provide to take part in the protocol: they are
+Remember that the other side may <em>not</em> be running the code you provide to take part in the flow: they are
 allowed to do anything! Things to watch out for:</p>
 <ul class="simple">
-<li>A transaction that doesn&#8217;t match a partial transaction built or proposed earlier in the protocol, for instance,
+<li>A transaction that doesn&#8217;t match a partial transaction built or proposed earlier in the flow, for instance,
 if you propose to trade a cash state worth $100 for an asset, and the transaction to sign comes back from the
 other side, you must check that it points to the state you actually requested. Otherwise the attacker could
 get you to sign a transaction that spends a much larger state to you, if they know the ID of one!</li>
@@ -210,7 +224,7 @@ to the control of a hostile notary.</li>
 could re-run the builder logic and do a comparison of the resulting states to ensure that it&#8217;s what you expected.
 For instance if the data needed to construct the next state is available to both parties, the function to
 calculate the transaction you want to mutually agree could be shared between both classes implementing both
-sides of the protocol.</li>
+sides of the flow.</li>
 </ul>
 <p>The theme should be clear: signing is a very sensitive operation, so you need to be sure you know what it is you
 are about to sign, and that nothing has changed in the small print!</p>