Blog

Audit of Dead Canaries’ Onion Routed Cloud

The Onion Routed Cloud Project has requested Least Authority perform a security audit of Onion Routed Cloud (ORC), a piece of software designed to support and protect journalists and activists by providing an anonymous, distributed, and censorship resistant cloud.   Our final audit report was completed on April 5th, 2019.  

Read More »

Least Authority Performs Security Audit of the Cosmos Blockchain SDK Framework

Least Authority performed a security audit of the Cosmos Blockchain SDK, a framework for building Proof of Stake state machines. The investigation and analysis were conducted by Emery Rose  Hall and Ramakrishnan Muthukrishnan, along with project management support by Hind Abu-Amr, in collaboration with Tendermint team members Jessy Irwin, Zaki Manian, Christopher Goes, and Jack Zampolin.

Read More »

Five Security Audits for the Tezos Foundation

We are happy to release the results of the five security audits that Least Authority performed in 2018 for the Tezos Foundation, a Swiss non-profit organization that supports Tezos, a distributed, peer-to-peer, permissionless network, and the community around it. This series of security audits were done as part of the Tezos Foundation’s effort to improve the security

Read More »

Least Authority and Private Internet Access announce PrivateStorage.io: a secure and privacy-focused cloud storage solution.

PrivateStorage is a joint venture product developed and maintained by Least Authority and Private Internet Access. As firm believers in protection of our customers’ privacy, we joined efforts to offer a private, secure and end-to-end encrypted solution to allow the end user — not third-parties — to determine whether and to what extent the personal data

Read More »

How The TezBox Wallet Audit Should Inform How We Think About Privacy

Last September, I had the pleasure of performing a security audit for a Tezos project called TezBox, developed by Stephen Andrews. TezBox is a web based digital wallet for using the Tezos cryptocurrency. I’m always excited to audit JavaScript projects, especially those that run in the browser and secure your finances, because the browser is a hostile place

Read More »

Announcing the release of Gridsync 0.4.0: the latest version of our graphical user interface for Tahoe-LAFS/S4

We’re excited to announce that we have rolled out Gridsync 0.4.0 — the latest version of our graphical user interface for Tahoe-LAFS/S4. This release contains a number of new features, improvements, and bug-fixes and is a recommended upgrade for all customers of our Simple Secure Storage Service (S4). Among the latest changes include: Tor integration. Gridsync now offers

Read More »

Releasing Three Zcash Security Audit Reports

At the request of Zcash Company, the team at Least Authority had the opportunity to provide security consulting services on Zcash’s major 2018 releases. This included auditing Zcashd v1.0.15 (as part of the Sprout 1.0.x series), reviewing and providing feedback on the Overwinter and Sapling Specifications for future implementation, and a security review of the Sapling Implementation and RPC Interface

Read More »

Introducing P4: Private Periodic Payment Protocol

Least Authority has recently designed a protocol called the Private Periodic Payment Protocol, or P4, which aims to define the way in which subscription services can be funded using end-to-end private cryptocurrency payments. P4 incorporates the use of Zcash shielded transactions for private payments and leverages the Tor anonymity network’s onion services to radically reduce the amount of personally identifiable information (PII) available to merchants. In addition, P4 introduces…

Read More »