Audit of Gossipsub v1.1 Protocol Design + Implementation for Protocol Labs

and On Jul 7, 2020

# Introduction In early June, our team completed a thorough and comprehensive review of the Gossipsub v1.1 protocol design and implementation for Protocol Labs. This security audit was particularly interesting as v1.1 brings with it a series of notable and important updates that weren’t present in v1.0, including efforts to harden and increase the security […]

Audit of TezosKit for the Tezos Foundation

On Jun 2, 2020

Overview Tezos Foundation has requested that Least Authority perform a security audit of TezosKit, a Swift based toolbox for interacting with the Tezos Blockchain. Our final audit report was completed on May 8, 2020.   

Tagged In

Audit of the Centrifuge Chain

On May 25, 2020

Overview Centrifuge has requested that Least Authority perform a security audit of the Centrifuge Chain, a Parity Substrate based purpose-specific chain. The Centrifuge Chain is a Proof of Stake chain with block rewards, bridged to Ethereum as its first external network. Our final audit report was completed on April 3, 2020.   

Audit of BTG Pactual’s ReitBZ Token + Management Dashboard for the Tezos Foundation

On May 20, 2020

In preparation for the launch of the BTG Pactual ReitBZ token on Tezos, Least Authority reviewed the ReitBZ Security Token and Token Management Dashboard delivering a final report on March 13, 2020. The ReitBZ Security Token is a real estate backed token implemented with a smart contract using the FA1.2 standard interface, including additional functions […]

Audit of Centrifuge’s Tinlake Contracts + Actions

On Apr 17, 2020

Overview Centrifuge has requested that Least Authority perform a security audit of their Tinlake Platform, a smart contracts framework on Ethereum that enables borrowers to draw loans against non-fungible assets. Any assets represented on-chain as Non-Fungible Tokens (NFTs) are financed by issuing an ERC-20 token against all of the collateral NFTs that are deposited into […]

Using ZKAPs to Disconnect Payment Data from Service Data

On Apr 16, 2020

A note from the team: we’re continually looking for possible applications of ZKAPs in a variety of scenarios. If there is a product or project you’re working on that you would like to test ZKAPs with, don’t hesitate to get in touch! Last month, our team, the Least Authoritarians, gave two presentations on ZKAPs—zero-knowledge access […]

Audit of ChainSafe Utility Libraries

On Apr 14, 2020

Overview ChainSafe has requested that Least Authority perform a security audit of their Lodestar utility libraries. Lodestar is an Ethereum 2.0 implementation of the Beacon Chain. The following utility libraries are considered in scope: Persistent Merkle Tree: https://github.com/chainsafe/persistent-merkle-tree BLS key derivation and hd key utilities: https://github.com/ChainSafe/bls-hd-key Key management for BLS curves: https://github.com/ChainSafe/bls-keygen BLS key store: […]

Audit of TzBTC for the Tezos Foundation

On Apr 8, 2020

Overview The Tezos Foundation requested that Least Authority perform a security audit of TzBTC, a BTC-backed token on Tezos. TzBTC enables the compliant issuance of a fully Bitcoin-backed token on the Tezos blockchain while aiming to eradicate the risks of a single-point-of-failure. This is achieved by dividing the various tasks into keyholders that are responsible […]

Audit of MetaMask Plugin System + LavaMoat

On Mar 24, 2020

Overview ConsenSys AG has requested that Least Authority perform a security audit of MetaMask, a browser extension that enables interaction with applications built on Ethereum. MetaMask allows users to browse the web and interact with Ethereum applications, sign messages and transactions, and securely manage and store their private keys and assets.  The following components were […]

Audit of MetaMask Permissions System + CapNode

On Dec 18, 2019

Overview ConsenSys AG has requested that Least Authority perform a security audit of MetaMask, a browser extension that enables interaction with applications built on Ethereum. MetaMask allows users to browse the web and interact with Ethereum applications, sign messages and transactions, and securely manage and store their private keys and assets. The following components were […]