We want to alert the community that Manifest V2 extensions that are not already available in the Chrome Web Store will have to be reimplemented in the Manifest V3 extension platform in order to be published. As of January 2022, the Chrome Web Store stopped accepting new Manifest V2 extensions
The Least Authority team reached a notable milestone this month, completing our 100th security audit with the publication of the Clorio Wallet + Mina Ledger JS audit report, funded by the Mina Foundation. Security audits are a key component of Least Authority’s security consulting services. They represent a significant part
Adequate preparation for a security audit is beneficial in a number of ways, both for the purposes of a security audit and in reinforcing development best practices that provide long-term benefits to projects and teams. Effective preparation enables security research teams to focus their efforts and time on reviewing the
In order to increase the transparency of our processes, we have compiled a list of Frequently Asked Questions for our Security Consulting work. The FAQs page provides details about our services, including: An Overview of Our Services, Planning and Preparing for a Security Audit, Responding to and Managing the Findings.
This summer, Least Authority was hired to audit the Ethereum 2.0 node discovery protocol. We enjoyed diving into the protocol, and found some issues that were really interesting to model and test. Read the full report here. Proof of Identity The audit went smoothly and we were able to quickly
PrivateStorage is a joint venture product developed and maintained by Least Authority and Private Internet Access. As firm believers in protection of our customers’ privacy, we joined efforts to offer a private, secure and end-to-end encrypted solution to allow the end user — not third-parties — to determine whether and to
Last September, I had the pleasure of performing a security audit for a Tezos project called TezBox, developed by Stephen Andrews. TezBox is a web based digital wallet for using the Tezos cryptocurrency. I’m always excited to audit JavaScript projects, especially those that run in the browser and secure your finances, because the
Earlier this year, Least Authority completed a security audit of Knot DNS and the Knot Resolver for the Mozilla Secure Open Source (“SOS”) Fund. The Mozilla SOS Fund provides security auditing, remediation, and verification for key open source software projects. This Fund is part of the Mozilla Open Source Support program (MOSS) which recognizes and celebrates open source