DropFi is a wallet for the XRP Ledger (XRPL), implemented in TypeScript and distributed as both a React Native mobile application and a browser extension. DropFi utilizes the WebCrypto API to derive encryption keys from user-supplied passwords and subsequently encrypts the wallet’s account data for storage. We performed a security
Chia Network has requested that Least Authority perform security audits of Permuto. Permuto consists of certificates issued by the Trust, which is formed solely to hold a single class of stock in a specified publicly traded company, with the first being shares of the common stock of Microsoft Corporation (NASDAQ:
While Conflux retains full EVM bytecode compatibility in its Ethereum space, the protocol has been extended with collateral‐based storage economics, dual account spaces, and sponsorship mechanics. In this audit, we reviewed Conflux’s VM implementation. Our final audit report was completed on July 31, 2025. To read the full report, including
We performed a security audit of the zkBTC Circuit Implementation and Smart Contracts. zkBTC Bridge is a native zero‐knowledge proof-based cross‐chain protocol by Lightec that enables Bitcoin holders to convert BTC into an ERC-20 token, $zkBTC, on Ethereum at a 1:1 peg. Our final audit report was completed on June
Our team performed a security audit of the Joey Wallet’s key management, focusing on the proper implementation of key derivation, management, and storage. Our final audit report was completed on June 6, 2025. To read the full report, including our findings, click here: Report
As the Zcash ecosystem Security Lead, Zcash Community Grants (ZCG) requested that we perform a security audit of the Kotlin and Swift Payment URI Prototypes, a library for processing Zcash Payment URIs, as defined in ZIP-321. The core functionality of this library, which is implemented in Kotlin for Android and in Swift for
As the Zcash ecosystem Security Lead, Zcash Community Grants (ZCG) requested that we perform a security audit of the FROST server and client components. The frost-crate is an implementation for a threshold Schnorr signatures scheme called FROST (RFC 9591, [KG20]). The frost-demo allows a user to locally mimic a key generation
Lightec requested that Least Authority review several components of the zkBTC protocol, which is a bridge between Bitcoin and Ethereum, using techniques from zero-knowledge proofs. The bridge allows a Bitcoin user to mint a zkBTC token, use this token in the Ethereum ecosystem, and eventually redeem the Bitcoin from the