Terms of Service

By accessing or using ExtenSilica (the “Service”) — including the website, the registry API, and the xsil command-line tool — you agree to be bound by these Terms of Service (“Terms”). If you do not agree to these Terms you must not use the Service.

If you are using the Service on behalf of an organization, you represent that you have the authority to bind that organization to these Terms.

ExtenSilica is a free, public package registry for .xsil packages — versioned, self-describing archives containing RISC-V simulation assets, toolchains, test suites, documentation, and optional FPGA artifacts. The Service allows registered users to publish packages and permits anyone to discover, browse, and download them.

The Service additionally offers an Extension Wizard (web form at /wizard and CLI command xsil new) that scaffolds a .xsil skeleton — manifest, opcode header, Spike extension stub, examples, tests, license, and changelog — without requiring an account. The wizard generates files locally (CLI) or streams them in-memory to your browser (web); it does not publish on your behalf.

The Service is provided free of charge. We reserve the right to introduce usage limits or modify the feature set at any time with reasonable notice.

ExtenSilica operates the Service as interim technical steward of the public registry and .xsil format. We coordinate open technical work (publication, ownership claims, implementation requests, verification) and publish adoption metrics. We do not hold user funds, process payments, set prices, or broker contracts on the Service.

Optional funding-contact fields on implementation requests are pointers to off-platform arrangements only. See Governance and Contributing on this site for more detail.

Honest classification (standardStatus). Every package on ExtenSilica is labeled with one of five values describing its relationship to the RISC-V standard: ratified, draft, vendor, research, or custom. The label is set by the publisher (or, for catalog-seeded packages, by ExtenSilica based on public upstream sources) and is informational only. ExtenSilica does not warrant the accuracy of any label and is not a substitute for the canonical specification published by RISC-V International or any other standards body. References to RISC-V International, vendor names, or research groups in catalog labels and metadata are descriptive and do not imply endorsement, sponsorship, or affiliation.

Provenance (portStatus). ExtenSilica additionally tracks how a package was put on the platform: seeded (auto-published by our catalog-seed agent from public upstream sources), community_port (ported by a non-upstream community member), claimed (the current owner went through the ownership-claim flow), official (an ExtenSilica admin verified the publisher’s identity / affiliation), or archived. This field is set by the Service, never by the publisher, and is shown as a badge on the package page.

Catalog-seeded packages. A subset of packages on ExtenSilica are auto-published by us using a designated bot account (a “catalog-seed agent”) sourcing metadata and content from public upstream repositories. These packages:

• Are clearly badged as seeded in the UI so visitors can see they have not (yet) been blessed by the upstream maintainer.
• Are distributed under the same license declared by the upstream project. ExtenSilica does not relicense upstream content.
• Do not imply that the upstream maintainer endorses, sponsors, or is affiliated with ExtenSilica.
• May be claimed by the upstream maintainer at any time via the Request authorship flow described in Section 4 below, or removed on request (see Section 8).

Authors retain ownership. ExtenSilica does not claim any intellectual property rights over packages — whether published by their authors or ported by the catalog-seed agent. Each package is distributed under the license declared in its manifest.

Request authorship. If you are the upstream maintainer of an extension that appears on ExtenSilica under another account (typically a catalog-seed bot account, or a community porter), you may file an ownership request from the package page. ExtenSilica administrators review each request and, on approval, transfer the package ownership to your account and flip its portStatus to claimed. Approval is at our discretion; we may require evidence of upstream affiliation (commit-signing GPG keys, domain control, official repository membership, etc.).

Filing a knowingly false ownership request, or one made in bad faith, may result in account suspension and counts as a violation of these Terms.

Publishing packages requires a registered account. When you create an account you agree to:

• Provide accurate, complete, and current registration information.
• Maintain the confidentiality of your password and API token. You are solely responsible for all activity that occurs under your credentials.
• Notify us immediately if you become aware of any unauthorized use of your account.
• Not create accounts programmatically, in bulk, or for the purpose of abusing the Service.

You may not share, transfer, or sell your account or API token to another person or entity. Each account is personal to the individual or organization that created it.

License grant. By publishing a package you grant ExtenSilica and its users a worldwide, royalty-free, non-exclusive license to store, distribute, display, and access the package under the license you declare in the package manifest. This license is necessary to operate the registry. (See Section 4 above for our ownership / authorship rules.)

Authors are responsible for their content. By publishing a package you represent and warrant that:

• You have the legal right to publish the package and all files it contains under the declared license.
• The package does not contain malware, ransomware, spyware, cryptocurrency miners, rootkits, or any code designed or likely to cause harm to users, their systems, or third parties.
• The package does not infringe any patent, trademark, trade secret, copyright, or other intellectual property right of any third party.
• The package does not contain content that is defamatory, fraudulent, deceptive, or that violates applicable law.
• Any executable artifacts included in the package (simulation binaries, scripts, FPGA bitstreams) perform only the functions described in the package documentation.

Executable artifacts. Because .xsil packages may contain executable code (simulation entry points, test scripts, RISC-V binaries), users who install and run packages do so at their own risk. We strongly recommend reviewing package source and checksums before executing content from unknown authors. ExtenSilica verifies archive integrity via SHA-256 checksums but does not perform behavioral analysis of package contents.

The ExtenSilica website, registry infrastructure, and xsil CLI are open-source software. The name “ExtenSilica” and associated branding are owned by the project maintainers. You may not use the ExtenSilica name or logo in a way that implies endorsement or affiliation without prior written permission.

You may not use the Service to:

• Publish or distribute malicious, harmful, unlawful, or abusive content of any kind.
• Circumvent, disable, or otherwise interfere with security features of the Service.
• Attempt to gain unauthorized access to the Service, other accounts, or any connected systems.
• Conduct denial-of-service attacks, excessive automated scraping, or any activity that degrades the Service for others.
• Register usernames or package names with the intent to squat, sell, or mislead (e.g., typosquatting popular packages).
• Impersonate another person, organization, or official project, or file an ownership request claiming to represent a project you do not actually maintain.
• Upload content that infringes the intellectual property rights of others.
• Mislabel a package’s standardStatus — in particular, labeling a non-frozen extension as ratified. The registry audits these labels periodically; repeated misrepresentation may result in package removal and account suspension.
• Use the Service in any manner inconsistent with applicable laws or regulations.

ExtenSilica reserves the right — but not the obligation — to review, moderate, and remove content that violates these Terms or that we determine in our sole discretion to be harmful, unlawful, or abusive.

Takedown requests. If you believe a package infringes your intellectual property rights, please use our formal DMCA / Takedown Request page. You will be asked to provide:

• The package name and version(s) at issue.
• A description and URL of your original work.
• An explanation of how the package infringes your rights.
• Your contact information and electronic signature.

We aim to acknowledge receipt promptly and take appropriate action — typically yanking or removing the affected version(s) — within a reasonable timeframe, depending on the completeness of the request and the nature of the claim.

Seeded packages — preferred remedy. If you are the upstream maintainer of a package that ExtenSilica has auto-published under our catalog-seed bot account (badged seeded), the fastest remedy in most cases is to claim authorship via the ownership-request flow described in Section 4. Once approved you become the owner of the package and can yank, update, or have it removed at your discretion. A DMCA or takedown request is also available, but claiming the package is usually faster and lets you keep its install history and identifiers intact.

Yanking vs. deletion. Because published versions are immutable by design, most enforcement actions result in a version being yanked — marked as unsafe and excluded from normal resolution — rather than deleted. Deletion of package artifacts is reserved for situations involving illegal content or court orders.

Once a package version is successfully published it cannot be overwritten. You may publish a new version to supersede an older one, or yank a version to flag it as unsafe, but the original artifact and its metadata remain in the registry. This immutability is a core guarantee of the Service and enables reproducible builds.

We reserve the right to suspend or terminate accounts that violate these Terms, engage in abusive behavior, or that have been inactive for an extended period. We will generally provide notice before taking such action except where immediate action is necessary to protect the Service or its users.

You may close your account at any time. Account closure removes your personal data (subject to the retention rules in our Privacy Policy) but does not delete packages you have published, as other users may depend on them. Packages from closed accounts remain in the registry under their last recorded authorship.

The Service is provided “as is” and “as available” without warranty of any kind, express or implied, including but not limited to warranties of merchantability, fitness for a particular purpose, non-infringement, or uninterrupted availability.

We do not warrant that the Service will be error-free, that defects will be corrected, or that the Service or the servers that make it available are free of viruses or other harmful components. We do not endorse, verify, or accept any responsibility for the accuracy, completeness, or safety of third-party packages published on the registry.

Catalog labels are informational. The standardStatus, authority, and portStatus fields displayed on package pages are best-effort metadata. They do not constitute legal advice, technical certification, an endorsement, or a representation of conformance with any specification or standard. Always consult the canonical specification and the upstream maintainer before relying on a package for production use.

To the maximum extent permitted by applicable law, ExtenSilica and its contributors, maintainers, and operators shall not be liable for any indirect, incidental, special, consequential, or punitive damages — including loss of data, loss of revenue, or damage to systems — arising out of or related to your use of or inability to use the Service, even if advised of the possibility of such damages.

Our total liability to you for any claim arising out of these Terms or the Service shall not exceed the amount you paid us in the twelve months preceding the claim (which, given that the Service is free, is zero). Some jurisdictions do not allow the exclusion of certain warranties or limitation of certain liabilities; those limitations apply only to the extent permitted by law.

You agree to indemnify, defend, and hold harmless ExtenSilica and its contributors from and against any claims, damages, obligations, losses, liabilities, costs, or expenses (including reasonable legal fees) arising from: (a) your use of the Service; (b) your published packages; (c) your violation of these Terms; or (d) your violation of any third-party right.

We may update these Terms from time to time. When we make material changes we will update the “Last updated” date at the top of this page and announce the change via the project’s GitHub repository. Your continued use of the Service after changes take effect constitutes acceptance of the revised Terms.

These Terms shall be governed by and construed in accordance with applicable law. Any disputes arising under these Terms shall be resolved through good-faith negotiation, and if necessary, through binding arbitration or the courts of competent jurisdiction.

The Service may award XSIL governance points for verified technical contributions. XSIL is not sold on the Service, is not a payment method, and does not entitle holders to revenue, dividends, or any financial return. Optional wallet linking is used only to verify address ownership and, when enabled, to claim previously awarded points on-chain. See the XSIL token page and Token Documentation.

Questions, abuse reports, and takedown requests can be sent to [email protected] or submitted via the project’s GitHub repository.