Blog

Keystone – Hardware Wallet for Zcash

As the Zcash Ecosystem Security Lead, Zcash Community Grants (ZCG) has requested that Least Authority perform a security audit of the Keystone Hardware Wallet, which supports Zcash users managing their assets. This wallet is designed with several security features, including air-gapped communication, open-source firmware, and a user-friendly interface. Our final

Read More »

World – Mobile IrisCode Self-Custody Upgrade (2nd Review)

We performed a second security audit of World’s MPC Circuit within the Mobile IrisCode Self-Custody Upgrade project, which allows users to self-host biometric data on their personal device while supporting high-integrity authentication for the World ID service. Our final audit report was completed on March 7, 2025. To read the

Read More »

Zcash – Coin Voting 2.0

As the Zcash ecosystem Security Lead, Zcash Community Grants (ZCG) requested we perform research, investigation, and review of the Coin Voting 2.0 which is designed as a voting system that aims to be privacy-preserving and secure. The voting system leverages Zcash Orchard’s shielded notes to utilize Zcash balances as verifiable

Read More »

World – SMPC Protocol (3rd Review)

Our team performed a review of the recent changes to World‘s secure multi-party computation protocol V2 (SMPC Protocol), which is used to match a given iris against a database of iris shares. In this third review, we audited the changes implemented in the second version of the protocol since our

Read More »

Warlock Labs – Sylow and SolBLS

Warlock has requested that Least Authority perform a security audit of Sylow and SolBLS. Sylow is a Rust library for elliptic curve cryptography, specifically tailored for the BN254 curve, and SolBLS is a Solidity library optimized for on-chain BLS signature verification. Our final audit report was completed on January 6,

Read More »

QEDIT – OrchardZSA Protocol for Zcash

As the Zcash Ecosystem Security Lead, Zcash Community Grants (ZCG) has requested that Least Authority perform a security audit of the OrchardZSA Protocol by the QEDIT team. OrchardZSA is an extension of the Zcash Orchard protocol. Our final audit report was completed on January 3, 2025*.  To read the full

Read More »

World – Mobile IrisCode Self-Custody Upgrade

We performed a security audit of World‘s Mobile IrisCode Self-Custody Upgrade project, which allows users to self-host biometric data on their personal device while supporting authentication for the World ID service. Our final audit report was completed on January 2, 2025. To read the full report, including our findings, click

Read More »

Aligned Layer – ERC20 and Claim Smart Contracts

Our team performed a security audit of Aligned Layer’s ERC20 token contract for the Aligned Token $ALIGN. This audit also included the ClaimableAirdrop contract for token distribution and the deployment process. Our final audit report was completed on December 23, 2024. To read the full report, including our findings, click

Read More »
Archives