Menu

Blog

Select category

How The TezBox Audit Should Inform How We Think About Privacy

Gordyn Hall on February 7, 2019

The TezBox team promptly resolved all issues discussed here. If you want to skip my rambling and just read the official report, it's here. Last September, I had the pleasure of performing a security audit for a Tezos project called TezBox, developed by Stephen Andrews. TezBox is a web based digital wallet for using the Tezos cryptocurrency. I'm always excited to audit JavaScript projects, especially those that run in the browser and secure your finances, because the browser is a hostile...

Read more

Announcing the release of Gridsync 0.4.0: the latest version of our graphical user interface for Tahoe-LAFS/S4

Chris Wood on February 6, 2019

We’re excited to announce that we have rolled out Gridsync 0.4.0 -- the latest version of our graphical user interface for Tahoe-LAFS/S4. This release contains a number of new features, improvements, and bug-fixes and is a recommended upgrade for all customers of our Simple Secure Storage Service (S4). Among the latest changes include: Tor integration. Gridsync now offers built-in support for tunneling outgoing connections over the Tor anonymity network. By checking the “Connect over the Tor...

Read more

Releasing Three Zcash Security Audit Reports

Hind Abu-Amr on January 31, 2019

At the request of Zcash Company, the team at Least Authority had the opportunity to provide security consulting services on Zcash’s major 2018 releases. This included auditing Zcashd v1.0.15 (as part of the Sprout 1.0.x series), reviewing and providing feedback on the Overwinter and Sapling Specifications for future implementation, and a security review of the Sapling Implementation and RPC Interface changes following the latest release. This approach allowed Least Authority to look at the...

Read more

Introducing P4: Private Periodic Payment Protocol

Liz Steininger, Chris Wood & Anamika Ved on January 24, 2019

Least Authority has recently designed a protocol called the Private Periodic Payment Protocol, or P4, which aims to define the way in which subscription services can be funded using end-to-end private cryptocurrency payments. P4 incorporates the use of Zcash shielded transactions for private payments and leverages the Tor anonymity network’s onion services to radically reduce the amount of personally identifiable information (PII) available to merchants. In addition, P4 introduces...

Read more

Least Authority Performs Security Audit of BEAM’s Mimblewimble Implementation

Anamika Ved on January 17, 2019

At the request of BEAM, Least Authority performed a security audit of BEAM’s implementation of the Mimblewimble protocol, written in C++ and uses the Equihash Mining algorithm. Our review followed the launch of Testnet, in which the code was made open source, and preceded the launch of BEAM’s Mainnet. Our team members Ramakrishnan Muthukrishnan, Meejah, and Jan Winkelmann performed the audit in collaboration with the BEAM team members Alex Romanov, Vladislav Gelfer, and Artem Gorbachev from...

Read more