“Least Authority” is derived from “the principle of least authority” (PoLA) — also known in information security as “the principle of least privilege” or “the principle of minimal privilege” — a security best practice requiring system components to only have the privilege necessary to complete their intended function and not more.
Least Authority was formed in the U.S. in 2011 to create freedom-compatible technologies. Since then, we have been working on decentralized systems (sometimes referred to as Web3) and began our security auditing work in 2014. The following year, a report we did for Ethereum identified the issues that lead to the DAO hack. In 2016, the company relocated to Berlin with Liz Steininger as CEO / Managing Director.
Least Authority Enterprises LLC, founded in the US, by Zooko Wilcox
Simple Secure Storage Service (S4) launched
Security auditing work begins
Zcash started and spins out into another company, the Electric Coin Company, LLC
Least Authority TFA GmbH founded in Germany by Least Authority Enterprises LLC and Liz Steininger. Liz takes over as CEO / Managing Director.
PrivateStorage.io LLC joint venture is founded, intended to replace S4
Audits for Mozilla Secure Open Source
Privacy for Everyone conference
Least Authority co-founds TechGDPR DPC GmbH in Germany
P4 paper released
The OTF project starts
100th completed audit
ZKAPs Whitepaper published
Least Authority is committed to building and supporting the development of usable technology solutions and ethical business practices to advance digital security and preserve privacy as a fundamental human right. We do this through:
Conducting security audits and providing consulting services for software development projects, especially within Free and Open Source Software (FOSS) communities. This allows us to advance the security of systems and contribute to the community of developers who build them (see published audits).
Building products with a specific focus on increasing the security of the data and systems, along with enhancing and preserving privacy. We build on open source software to expand the access to them and provide sustainability that is built on ethical business models.
We develop free and open source software (FOSS) and engage with and contribute to various communities (human rights organization, NGOs, privacy activists) to promote the use of secure systems and privacy-protecting technology, including zero-knowledge proofs.
We pursue our mission with these values:
We prioritize security and try to avoid only security by policy.
We prioritize users’ privacy and try to avoid only privacy by policy.
We respect that users do not always need to be individually identified.
We prioritize the distribution of control and power in our solutions.
We release the code we write as open source and we utilize open source tools.
Ethical Business Models
We operate our business to be considerate of human rights, not only profit.
Free for At-risk Users
We facilitate free access to our solutions to the users who have special needs.
Sustaining and Building Communities for Tech
We contribute to the people who are a part of the tech.
User-feedback Driven Development
We develop solutions that reflect users’ needs.
Like what you hear and interested in joining our team?
Meet Our Team
Learn about our experiences and expertise!