Difference between revisions of "Third-party security audits"

From Internet Computer Wiki
Jump to: navigation, search
Line 4: Line 4:
 
In order to increase the security of the IC, the DFINITY foundation has on-going third-party audits of the IC.
 
In order to increase the security of the IC, the DFINITY foundation has on-going third-party audits of the IC.
  
== Third party audits and reviews ==
 
  
=== "IC Assessment" by Trail of Bits ===
+
== "IC Assessment" by Trail of Bits ==
  
==== Report & Discussion ====
+
=== Report & Discussion ===
  
[https://forum.dfinity.org/t/internet-computer-security-assessment-by-trail-of-bits-third-party-security-audit/10113 "IC Assessment" by Trail of Bits] on January 4, 2022
+
Date: January 4, 2022
 +
Report Discussion: [https://forum.dfinity.org/t/internet-computer-security-assessment-by-trail-of-bits-third-party-security-audit/10113 "IC Assessment" by Trail of Bits]  
  
==== Areas of the code which were audited: ====
+
=== Areas of the code which were audited: ===
 
* Internet Computer Interfaces
 
* Internet Computer Interfaces
 
* Consensus Layer
 
* Consensus Layer
Line 27: Line 27:
 
* Hardware Wallet
 
* Hardware Wallet
  
 +
== "Internet Computer Consensus: Security Assessment"  by Trail of Bits ==
  
2. [https://forum.dfinity.org/t/internet-computer-consensus-security-assessment-by-trail-of-bits-third-party-security-audit-2/11453 "Internet Computer Consensus: Security Assessment" by Trail of Bits] on March 11, 2022
+
=== Report & Discussion ===
  
3. [https://forum.dfinity.org/t/threshold-ecdsa-cryptography-review-by-ncc-group-third-party-security-audit-3/13853 IC "Threshold ECDSA Cryptography Review" by NCC Group] on June 16, 2022
+
Date: March 11, 2022
 +
Report & Discussion: [https://forum.dfinity.org/t/internet-computer-consensus-security-assessment-by-trail-of-bits-third-party-security-audit-2/11453 "Internet Computer Consensus: Security Assessment" by Trail of Bits]
 +
 
 +
=== Areas of the code which were audited: ===
 +
* Consensus Layer
 +
 
 +
 
 +
 
 +
== IC "Threshold ECDSA Cryptography Review" by NCC Group ==
 +
 
 +
=== Report & Discussion ===
 +
Date: June 16, 2022
 +
Report & Discussion: [https://forum.dfinity.org/t/threshold-ecdsa-cryptography-review-by-ncc-group-third-party-security-audit-3/13853 IC "Threshold ECDSA Cryptography Review" by NCC Group]
 +
 
 +
=== Areas of the code which were audited: ===
 +
* Threshold ECDSA

Revision as of 23:02, 21 June 2022

Goal

In order to increase the security of the IC, the DFINITY foundation has on-going third-party audits of the IC.


"IC Assessment" by Trail of Bits

Report & Discussion

Date: January 4, 2022 Report Discussion: "IC Assessment" by Trail of Bits

Areas of the code which were audited:

  • Internet Computer Interfaces
  • Consensus Layer
  • Network Nervous System
  • Ledger Canister
  • Governance Canister
  • Registry Canister
  • Cycles Minting Canister
  • Genesis Token Canister
  • Cryptography libraries
  • Execution Environment
  • P2P Layer
  • Third Party Dependencies
  • Hardware Wallet

"Internet Computer Consensus: Security Assessment" by Trail of Bits

Report & Discussion

Date: March 11, 2022 Report & Discussion: "Internet Computer Consensus: Security Assessment" by Trail of Bits

Areas of the code which were audited:

  • Consensus Layer


IC "Threshold ECDSA Cryptography Review" by NCC Group

Report & Discussion

Date: June 16, 2022 Report & Discussion: IC "Threshold ECDSA Cryptography Review" by NCC Group

Areas of the code which were audited:

  • Threshold ECDSA