Blog

Lightec – zkBTC Circuit + Smart Contracts

We performed a security audit of the zkBTC Circuit Implementation and Smart Contracts. zkBTC Bridge is a native zero‐knowledge proof-based cross‐chain protocol by Lightec that enables Bitcoin holders to convert BTC into an ERC-20 token, $zkBTC, on Ethereum at a 1:1 peg. Our final audit report was completed on June

Read More »

Joey Wallet

Our team performed a security audit of the Joey Wallet’s key management, focusing on the proper implementation of key derivation, management, and storage. Our final audit report was completed on June 6, 2025. To read the full report, including our findings, click here: Report

Read More »

Zcash – FROST Demo

As the Zcash ecosystem Security Lead, Zcash Community Grants (ZCG) requested that we perform a security audit of the FROST server and client components. The frost-crate is an implementation for a threshold Schnorr signatures scheme called FROST (RFC 9591, [KG20]). The frost-demo allows a user to locally mimic a key generation

Read More »

Lightec – zkBTC Bridge Cryptography

Lightec requested that Least Authority review several components of the zkBTC protocol, which is a bridge between Bitcoin and Ethereum, using techniques from zero-knowledge proofs. The bridge allows a Bitcoin user to mint a zkBTC token, use this token in the Ethereum ecosystem, and eventually redeem the Bitcoin from the

Read More »

Keystone – Hardware Wallet for Zcash

As the Zcash Ecosystem Security Lead, Zcash Community Grants (ZCG) has requested that Least Authority perform a security audit of the Keystone Hardware Wallet, which supports Zcash users managing their assets. This wallet is designed with several security features, including air-gapped communication, open-source firmware, and a user-friendly interface. Our final

Read More »

World – Mobile IrisCode Self-Custody Upgrade (2nd Review)

We performed a second security audit of World’s MPC Circuit within the Mobile IrisCode Self-Custody Upgrade project, which allows users to self-host biometric data on their personal device while supporting high-integrity authentication for the World ID service. Our final audit report was completed on March 7, 2025. To read the

Read More »

World – SMPC Protocol (3rd Review)

Our team performed a review of the recent changes to World‘s secure multi-party computation protocol V2 (SMPC Protocol), which is used to match a given iris against a database of iris shares. In this third review, we audited the changes implemented in the second version of the protocol since our

Read More »

Warlock Labs – Sylow and SolBLS

Warlock has requested that Least Authority perform a security audit of Sylow and SolBLS. Sylow is a Rust library for elliptic curve cryptography, specifically tailored for the BN254 curve, and SolBLS is a Solidity library optimized for on-chain BLS signature verification. Our final audit report was completed on January 6,

Read More »
Archives