The Least Authority team reached a notable milestone this month, completing our 100th security audit with the publication of the Clorio Wallet + Mina Ledger JS audit report, funded by the Mina Foundation. Security audits are a key component of Least Authority’s security consulting services. They represent a significant part
cLabs has requested that Least Authority perform a security audit of Plumo, a SNARK-based protocol for achieving an ultra fast light client for the Celo blockchain. Plumo is based on the Groth16 SNARK. Specifically, Celo uses the BW6-761 curve and the Groth16 proving system, as implemented in ZEXE, a Rust
Mina Foundation requested that Least Authority perform a security audit of the Clorio wallet and Mina Ledger JS. The Clorio wallet consists of the Clorio client implementation, a wallet client built on top of the Mina Protocol, and the Clorio server assistant, a GraphQL wrapper for the Clorio client to
Hiro requested that Least Authority perform a security audit and penetration testing of the Stacks Wallet, a new browser extension for Chrome and Firefox that enables users to perform the following: ● Authenticate web applications with 12 or 24-word mnemonic keys; ● Set passwords for the encryption and storage of
All in Bits has requested that Least Authority perform a security audit of the Cosmos SDK Liquidity Module, a Decentralized Finance (DeFi) application that allows the implementation of a token Decentralized Exchange (DEX) on any Cosmos SDK based network. Our final audit report was completed on June 24th, 2021. To
Filecoin Foundation requested that Least Authority perform a security audit of Venus, an implementation of the Filecoin Distributed Storage Network written in Go. Filecoin is a decentralized storage network that transforms unused cloud storage into an algorithmic market in which miners and clients are incentivized to participate. Our final audit
Adequate preparation for a security audit is beneficial in a number of ways, both for the purposes of a security audit and in reinforcing development best practices that provide long-term benefits to projects and teams. Effective preparation enables security research teams to focus their efforts and time on reviewing the
Ethereum Foundation has requested that Least Authority perform a security audit of the EIP-3074: AUTH and AUTHCALL opcodes specification, which aims to allow Externally Owned Accounts (EOAs) to delegate control of their account to a smart contract. This EIP introduces two Ethereum Virtual Machine (EVM) instructions, AUTH and AUTHCALL. The