Difference between revisions of "Third-party security audits"

From Internet Computer Wiki
Jump to: navigation, search
Line 49: Line 49:
 
=== Report & Discussion ===
 
=== Report & Discussion ===
  
Date: July, 2022
+
Date: July 7, 2022
  
 
Report & Discussion: [https://forum.dfinity.org/t/canister-sandbox-review-by-trail-of-bits-third-party-security-audit-4/15951 "Canister Sandboxing" by Trail of Bits]
 
Report & Discussion: [https://forum.dfinity.org/t/canister-sandbox-review-by-trail-of-bits-third-party-security-audit-4/15951 "Canister Sandboxing" by Trail of Bits]
Line 57: Line 57:
 
** [https://github.com/trailofbits/publications/blob/master/reviews/DFINITYCanisterSandbox.pdf "Canister Sandbox - Executive Summary"]
 
** [https://github.com/trailofbits/publications/blob/master/reviews/DFINITYCanisterSandbox.pdf "Canister Sandbox - Executive Summary"]
 
** [https://github.com/trailofbits/publications/blob/master/reviews/DFINITYCanisterSandboxFixReview.pdf "Canister Sandbox - Fix Review"]
 
** [https://github.com/trailofbits/publications/blob/master/reviews/DFINITYCanisterSandboxFixReview.pdf "Canister Sandbox - Fix Review"]
 +
 +
== IC "Threshold ECDSA Integration and Bitcoin Canisters" by Trail of Bits ==
 +
 +
=== Report & Discussion ===
 +
 +
Date: September 5, 2022
 +
 +
Report & Discussion: https://forum.dfinity.org/t/threshold-ecdsa-integration-and-bitcoin-canisters-security-review-by-trail-of-bits-third-party-security-audit-5/15952 ""Threshold ECDSA Integration and Bitcoin Canisters - Security Review"" by Trail of Bits]
 +
 +
=== Areas of the code which were audited: ===
 +
* Threshold ECDSA Integration and Bitcoin Canisters
 +
** [https://github.com/trailofbits/publications/blob/master/reviews/DFINITYThresholdECDSAandBtcCanisters.pdf "Threshold ECDSA Integration - Executive Summary"]
 +
** [https://github.com/trailofbits/publications/blob/master/reviews/DFINITYThresholdECDSAandBtcCanistersFixReview.pdf "Threshold ECDSA Integration - Fix Review"]

Revision as of 21:42, 17 October 2022

"IC Assessment" by Trail of Bits

Report & Discussion

Date: January 4, 2022

Report Discussion: "IC Assessment" by Trail of Bits

Areas of the code which were audited:

  • Internet Computer Interfaces
  • Consensus Layer
  • Network Nervous System
  • Ledger Canister
  • Governance Canister
  • Registry Canister
  • Cycles Minting Canister
  • Genesis Token Canister
  • Cryptography libraries
  • Execution Environment
  • P2P Layer
  • Third Party Dependencies
  • Hardware Wallet

"Internet Computer Consensus: Security Assessment" by Trail of Bits

Report & Discussion

Date: March 11, 2022

Report & Discussion: "Internet Computer Consensus: Security Assessment" by Trail of Bits

Areas of the code which were audited:

  • Consensus Layer


IC "Threshold ECDSA Cryptography Review" by NCC Group

Report & Discussion

Date: June 16, 2022

Report & Discussion: IC "Threshold ECDSA Cryptography Review" by NCC Group

Areas of the code which were audited:

  • Threshold ECDSA

IC "Canister Sandboxing Review" by Trail of Bits

Report & Discussion

Date: July 7, 2022

Report & Discussion: "Canister Sandboxing" by Trail of Bits

Areas of the code which were audited:

IC "Threshold ECDSA Integration and Bitcoin Canisters" by Trail of Bits

Report & Discussion

Date: September 5, 2022

Report & Discussion: https://forum.dfinity.org/t/threshold-ecdsa-integration-and-bitcoin-canisters-security-review-by-trail-of-bits-third-party-security-audit-5/15952 ""Threshold ECDSA Integration and Bitcoin Canisters - Security Review"" by Trail of Bits]

Areas of the code which were audited: