Our team performed a security audit of the Joey Wallet’s key management, focusing on the proper implementation of key derivation, management, and storage. Our final audit report was completed on June 6, 2025. To read the full report, including our findings, click here: Report
As the Zcash ecosystem Security Lead, Zcash Community Grants (ZCG) requested that we perform a security audit of the Kotlin and Swift Payment URI Prototypes, a library for processing Zcash Payment URIs, as defined in ZIP-321. The core functionality of this library, which is implemented in Kotlin for Android and in Swift for
At Least Authority, we believe that people have a fundamental right to privacy. In a technical context, a “right to privacy” translates into concrete requirements and design principles that ensure users maintain meaningful control over their personal data. Our security consulting work is rooted in this value as we help
As the Zcash ecosystem Security Lead, Zcash Community Grants (ZCG) requested that we perform a security audit of the FROST server and client components. The frost-crate is an implementation for a threshold Schnorr signatures scheme called FROST (RFC 9591, [KG20]). The frost-demo allows a user to locally mimic a key generation
Least Authority has been awarded a grant from the Ethereum Foundation’s Verified zkEVM program to create a comprehensive Lean blueprint for two cryptographic protocols, STIR [ACF+25] and WHIR [ACF+24], which are interactive oracle proofs of proximity (IOPPs) for Reed-Solomon codes. The zkEVM Program is a recent initiative that aims to
Lightec requested that Least Authority review several components of the zkBTC protocol, which is a bridge between Bitcoin and Ethereum, using techniques from zero-knowledge proofs. The bridge allows a Bitcoin user to mint a zkBTC token, use this token in the Ethereum ecosystem, and eventually redeem the Bitcoin from the
Threshold signing protocols, like FROST, help to facilitate trust while avoiding the reliance on a centralized authority. They do this by fault-tolerantly distributing information or computation among a cluster of cooperating computers. With the rapid advancement of secure digital systems, threshold cryptography is gaining traction through securing multi-signature wallets, protecting
Our team performed a security audit of a core module from Wallet V. This module is responsible for creating wallets, storing private keys, and signing blockchain transactions. Our final audit report was completed on April 2, 2025. To read the full report, including our findings, click here: Report