Difference between revisions of "Third-party security audits"

From Internet Computer Wiki
Jump to: navigation, search
Line 5: Line 5:
  
 
== Third party audits and reviews ==
 
== Third party audits and reviews ==
1. [https://forum.dfinity.org/t/internet-computer-security-assessment-by-trail-of-bits-third-party-security-audit/10113 "IC Assesment" by Trail of Bits] on January 4, 2022
+
 
 +
=== "IC Assessment" by Trail of Bits ===
 +
 
 +
==== Report & Discussion ====
 +
 
 +
[https://forum.dfinity.org/t/internet-computer-security-assessment-by-trail-of-bits-third-party-security-audit/10113 "IC Assessment" by Trail of Bits] on January 4, 2022
 +
 
 +
==== Areas of the code which were audited: ====
 +
* Internet Computer Interfaces
 +
* Consensus Layer
 +
* Network Nervous System
 +
* Ledger Canister
 +
* Governance Canister
 +
* Registry Canister
 +
* Cycles Minting Canister
 +
* Genesis Token Canister
 +
* Cryptography libraries
 +
* Execution Environment
 +
* P2P Layer
 +
* Third Party Dependencies
 +
* Hardware Wallet
 +
 
  
 
2. [https://forum.dfinity.org/t/internet-computer-consensus-security-assessment-by-trail-of-bits-third-party-security-audit-2/11453 "Internet Computer Consensus: Security Assessment" by Trail of Bits] on March 11, 2022
 
2. [https://forum.dfinity.org/t/internet-computer-consensus-security-assessment-by-trail-of-bits-third-party-security-audit-2/11453 "Internet Computer Consensus: Security Assessment" by Trail of Bits] on March 11, 2022
  
 
3. [https://forum.dfinity.org/t/threshold-ecdsa-cryptography-review-by-ncc-group-third-party-security-audit-3/13853 IC "Threshold ECDSA Cryptography Review" by NCC Group] on June 16, 2022
 
3. [https://forum.dfinity.org/t/threshold-ecdsa-cryptography-review-by-ncc-group-third-party-security-audit-3/13853 IC "Threshold ECDSA Cryptography Review" by NCC Group] on June 16, 2022

Revision as of 22:59, 21 June 2022

Goal

In order to increase the security of the IC, the DFINITY foundation has on-going third-party audits of the IC.

Third party audits and reviews

"IC Assessment" by Trail of Bits

Report & Discussion

"IC Assessment" by Trail of Bits on January 4, 2022

Areas of the code which were audited:

  • Internet Computer Interfaces
  • Consensus Layer
  • Network Nervous System
  • Ledger Canister
  • Governance Canister
  • Registry Canister
  • Cycles Minting Canister
  • Genesis Token Canister
  • Cryptography libraries
  • Execution Environment
  • P2P Layer
  • Third Party Dependencies
  • Hardware Wallet


2. "Internet Computer Consensus: Security Assessment" by Trail of Bits on March 11, 2022

3. IC "Threshold ECDSA Cryptography Review" by NCC Group on June 16, 2022