Threat analysis
Closed this issue · 4 comments
jdsika commented
Hi Team,
has there been an security audit of the Temple wallet plugin that I can access?
I would need this to allow usage in the company.
Best regards
Carlo
jdsika commented
What kind of "quality measures" are you taking to avoid security risks in your builds?
unixvb commented
Hi
We have passed 2 security audits:
- Least Authority report
- Cossack LAbs report is not public yet. We will make the announcement after resolving all legal issues
jdsika commented
Thank you! What about the "unit and integration" tests that are marked with "unresolved" (at that time)?
unixvb commented
We have fixed these 2 issues within last audit:
- Lack of proper testing of transaction signer cryptographic code
- Lack of proper testing of beacon-related cryptographic code
And they were accepted by the audit team.
Plus we have written additional tests for main units (excluding React components).
All tests are running automatically on PR to development and production branches.