Blog

Audit of Centrifuge’s Tinlake Contracts + Actions

Overview Centrifuge has requested that Least Authority perform a security audit of their Tinlake Platform, a smart contracts framework on Ethereum that enables borrowers to draw loans against non-fungible assets. Any assets represented on-chain as Non-Fungible Tokens (NFTs) are financed by issuing an ERC-20 token against all of the collateral NFTs that are deposited into

Read More »

Using ZKAPs to Disconnect Payment Data from Service Data

A note from the team: we’re continually looking for possible applications of ZKAPs in a variety of scenarios. If there is a product or project you’re working on that you would like to test ZKAPs with, don’t hesitate to get in touch! Last month, our team, the Least Authoritarians, gave two presentations on ZKAPs—zero-knowledge access

Read More »

Audit of ChainSafe Utility Libraries

Overview ChainSafe has requested that Least Authority perform a security audit of their Lodestar utility libraries. Lodestar is an Ethereum 2.0 implementation of the Beacon Chain. The following utility libraries are considered in scope: Persistent Merkle Tree: https://github.com/chainsafe/persistent-merkle-tree BLS key derivation and hd key utilities: https://github.com/ChainSafe/bls-hd-key Key management for BLS curves: https://github.com/ChainSafe/bls-keygen BLS key store:

Read More »

Audit of TzBTC for the Tezos Foundation

Overview The Tezos Foundation requested that Least Authority perform a security audit of TzBTC, a BTC-backed token on Tezos. TzBTC enables the compliant issuance of a fully Bitcoin-backed token on the Tezos blockchain while aiming to eradicate the risks of a single-point-of-failure. This is achieved by dividing the various tasks into keyholders that are responsible

Read More »

Audit of MetaMask Plugin System + LavaMoat

Overview ConsenSys AG has requested that Least Authority perform a security audit of MetaMask, a browser extension that enables interaction with applications built on Ethereum. MetaMask allows users to browse the web and interact with Ethereum applications, sign messages and transactions, and securely manage and store their private keys and assets.  The following components were

Read More »

Ethereum 2.0 Specifications

The Least Authority team recently completed our audit of the Ethereum 2.0 Specifications. Read our full report here.  Ethereum 2.0 will be a significant network upgrade and is set to take place in 3 distinct phases—Phase 0: Beacon Chain, Phase 1: Shard Chains, and Phase 2: Execution Environments. It is one of the first Proof

Read More »

Adapting Secure File Storage Tools for Human Rights Defenders

Least Authority is committed to supporting privacy as a fundamental human right and to actively participate in making privacy-focused open-source tools available for everyone. In the case of  human rights defenders, protecting their sensitive files—including reports, photos, videos, and other documentation—is a necessity, and at times, a matter of the personal safety of themselves and

Read More »