IOHK is pleased to announce the recent audit conducted by Kudelski Security for Icarus


#1

IOHK is pleased to announce the recent audit conducted by Kudelski Security for Icarus, IOHK’s reference implementation for a lightweight wallet developed by the engineering team. Kudelski Security’s audit is an independent and third party security audit, which was completed on numerous audits for various IOHK products.

Independent audits, like this one, are critical for identifying security issues in the Icarus wallet that may not have been identified by internal audits. At the end of the audit, Kudelski responsibly discloses the identified defects so that our developers can correct them prior to the next release of the software. This ensures our customers and clients have the most secure wallet we can provide.

As a point of reference to enable developers to create their own secure light and mobile wallets for Cardano, Icarus is a fully open source code base that will be the first step in a range of open source initiatives to provide developers with a suite of tools for Cardano.

You can access the full security audit report here.

Team IOHK


#2

For the developers out there, I found 2.1 IC-CRY-F-001: Missing sanity checks in Ed25519 API, to be amusing as I usually find such things in limited trials and not when auditing.

The rest of the audit is a treasure trove, ‘back engineering’ rocks.