Blog

Using ZKAPs to Disconnect Payment Data from Service Data

A note from the team: we’re continually looking for possible applications of ZKAPs in a variety of scenarios. If there is a product or project you’re working on that you would like to test ZKAPs with, don’t hesitate to get in touch! Last month, our team, the Least Authoritarians, gave

Read More »

Audit of ChainSafe Utility Libraries

Overview ChainSafe has requested that Least Authority perform a security audit of their Lodestar utility libraries. Lodestar is an Ethereum 2.0 implementation of the Beacon Chain. The following utility libraries are considered in scope: Persistent Merkle Tree: https://github.com/chainsafe/persistent-merkle-tree BLS key derivation and hd key utilities: https://github.com/ChainSafe/bls-hd-key Key management for BLS

Read More »

Audit of TzBTC for Tezos Foundation

The Tezos Foundation requested that Least Authority perform a security audit of TzBTC, a BTC-backed token on Tezos. TzBTC enables the compliant issuance of a fully Bitcoin-backed token on the Tezos blockchain while aiming to eradicate the risks of a single-point-of-failure. This is achieved by dividing the various tasks into

Read More »

Audit of MetaMask Plugin System + LavaMoat

ConsenSys AG has requested that Least Authority perform a security audit of MetaMask, a browser extension that enables interaction with applications built on Ethereum. MetaMask allows users to browse the web and interact with Ethereum applications, sign messages and transactions, and securely manage and store their private keys and assets. 

Read More »

Ethereum 2.0 Specifications

The Least Authority team recently completed our audit of the Ethereum 2.0 Specifications. Read our full report here.  Ethereum 2.0 will be a significant network upgrade and is set to take place in 3 distinct phases—Phase 0: Beacon Chain, Phase 1: Shard Chains, and Phase 2: Execution Environments. It is

Read More »

Adapting Secure File Storage Tools for Human Rights Defenders

Least Authority is committed to supporting privacy as a fundamental human right and to actively participate in making privacy-focused open-source tools available for everyone. In the case of  human rights defenders, protecting their sensitive files—including reports, photos, videos, and other documentation—is a necessity, and at times, a matter of the

Read More »

Audit of MetaMask Permissions System + CapNode

ConsenSys AG has requested that Least Authority perform a security audit of MetaMask, a browser extension that enables interaction with applications built on Ethereum. MetaMask allows users to browse the web and interact with Ethereum applications, sign messages and transactions, and securely manage and store their private keys and assets.

Read More »

Our Audit of Ethereum Foundation’s Node Discovery Protocol

This summer, Least Authority was hired to audit the Ethereum 2.0 node discovery protocol. We enjoyed diving into the protocol, and found some issues that were really interesting to model and test. Read the full report here.  Proof of Identity The audit went smoothly and we were able to quickly

Read More »
Archives