Lightec requested that Least Authority review several components of the zkBTC protocol, which is a bridge between Bitcoin and Ethereum, using techniques from zero-knowledge proofs. The bridge allows a Bitcoin user to mint a zkBTC token, use this token in the Ethereum ecosystem, and eventually redeem the Bitcoin from the
Threshold signing protocols, like FROST, help to facilitate trust while avoiding the reliance on a centralized authority. They do this by fault-tolerantly distributing information or computation among a cluster of cooperating computers. With the rapid advancement of secure digital systems, threshold cryptography is gaining traction through securing multi-signature wallets, protecting
Our team performed a security audit of a core module from Wallet V. This module is responsible for creating wallets, storing private keys, and signing blockchain transactions. Our final audit report was completed on April 2, 2025. To read the full report, including our findings, click here: Report
As the Zcash Ecosystem Security Lead, Zcash Community Grants (ZCG) has requested that Least Authority perform a security audit of the Keystone Hardware Wallet, which supports Zcash users managing their assets. This wallet is designed with several security features, including air-gapped communication, open-source firmware, and a user-friendly interface. Our final
We performed a second security audit of World’s MPC Circuit within the Mobile IrisCode Self-Custody Upgrade project, which allows users to self-host biometric data on their personal device while supporting high-integrity authentication for the World ID service. Our final audit report was completed on March 7, 2025. To read the
In today’s rapidly evolving tech landscape, ensuring robust security is more than a checklist—it’s a collaborative journey. At Least Authority, our process begins by working closely with our client to define the audit scope and secure the essential documentation and resources. Through in-depth technical discussions, we pinpoint key concerns and
Can Artificial Intelligence Be Integrated Into Our Workflow? At Least Authority, we are always exploring innovative ways to enhance our security auditing processes and improve our ability to identify vulnerabilities. One area of particular interest is the usefulness of various Artificial Intelligence (AI) models and how they can be integrated
Our team performed a review of the recent changes to World‘s secure multi-party computation protocol V2 (SMPC Protocol), which is used to match a given iris against a database of iris shares. In this third review, we audited the changes implemented in the second version of the protocol since our