Threat analysis

Question

Closed this issue 2 years ago · 4 comments

Hi Team,

has there been an security audit of the Temple wallet plugin that I can access?
I would need this to allow usage in the company.

Best regards
Carlo

Answer 1 · 2022-06-07T09:26:59.000Z

What kind of "quality measures" are you taking to avoid security risks in your builds?

Answer 2 · 2022-06-08T09:48:17.000Z

Hi
We have passed 2 security audits:

Least Authority report
Cossack LAbs report is not public yet. We will make the announcement after resolving all legal issues

Answer 3 · 2022-06-08T10:57:16.000Z

Thank you! What about the "unit and integration" tests that are marked with "unresolved" (at that time)?

Answer 4 · 2022-06-08T11:14:46.000Z

We have fixed these 2 issues within last audit:

Lack of proper testing of transaction signer cryptographic code
Lack of proper testing of beacon-related cryptographic code
And they were accepted by the audit team.

Plus we have written additional tests for main units (excluding React components).

All tests are running automatically on PR to development and production branches.