Over the last few years we’ve been expanding our Ecosystem Support by including various Security Consulting offerings to meet the needs of the different ecosystems with which we are working. Although our main offering is still Security Audits of codebases and specifications for projects, we also offer consultation sessions, and
We want to alert the community that Manifest V2 extensions that are not already available in the Chrome Web Store will have to be reimplemented in the Manifest V3 extension platform in order to be published. As of January 2022, the Chrome Web Store stopped accepting new Manifest V2 extensions
2021 seems to be the year that we all accepted the term “Web3” as the way to refer to the collective movements of decentralizing infrastructure and empowering users to be in control. It means the next generation of the Internet and beyond, which includes the tokenization of things for digital
The Least Authority team reached a notable milestone this month, completing our 100th security audit with the publication of the Clorio Wallet + Mina Ledger JS audit report, funded by the Mina Foundation. Security audits are a key component of Least Authority’s security consulting services. They represent a significant part
Adequate preparation for a security audit is beneficial in a number of ways, both for the purposes of a security audit and in reinforcing development best practices that provide long-term benefits to projects and teams. Effective preparation enables security research teams to focus their efforts and time on reviewing the
In order to increase the transparency of our processes, we have compiled a list of Frequently Asked Questions for our Security Consulting work. The FAQs page provides details about our services, including: An Overview of Our Services, Planning and Preparing for a Security Audit, Responding to and Managing the Findings.
This summer, Least Authority was hired to audit the Ethereum 2.0 node discovery protocol. We enjoyed diving into the protocol, and found some issues that were really interesting to model and test. Read the full report here. Proof of Identity The audit went smoothly and we were able to quickly
Last September, I had the pleasure of performing a security audit for a Tezos project called TezBox, developed by Stephen Andrews. TezBox is a web based digital wallet for using the Tezos cryptocurrency. I’m always excited to audit JavaScript projects, especially those that run in the browser and secure your finances, because the