ChainSafe has requested that Least Authority perform a security audit of their Lodestar utility libraries. Lodestar is an Ethereum 2.0 implementation of the Beacon Chain.
The following utility libraries are considered in scope:
- Persistent Merkle Tree: https://github.com/chainsafe/persistent-merkle-tree
- BLS key derivation and hd key utilities: https://github.com/ChainSafe/bls-hd-key
- Key management for BLS curves: https://github.com/ChainSafe/bls-keygen
- BLS key store: github.com/chainsafe/bls-keygen
- Typescript types for Ethereum 2.0 data structures: https://github.com/ChainSafe/lodestar/tree/master/packages/lodestar-types
- Utility methods used throughout Lodestar modules: https://github.com/ChainSafe/lodestar/tree/master/packages/lodestar-utils
- Beacon Chain configuration: https://github.com/ChainSafe/lodestar/tree/master/packages/lodestar-config
Our final audit report was completed on March 23, 2020.