Summary
A top Internet Computer based digital asset wallet - OISY - was recently assessed by Trail of Bits, a leading technical security auditor operating as a center of excellence for blockchain security. OISY is the world’s first fully onchain digital asset wallet, consolidating chains, identities, and primitives into a single immutable DeFi terminal. OISY on GitHub
The OISY report can be found here, and in the full list of historical audits available here.
The finding breakdown is as follows:
-
High - 0 issues found
-
Medium - 1 issue found
-
Low - 4 issues found
-
Informational - 8 issues found
-
Undetermined - 1 issue found
All medium and low issues have been addressed and went through a fix review. See the fix review results in Appendix E.
We’d like to thank the Trail of Bits team for their excellent contributions, the audit and security-related recommendations, and the effective collaboration.
Discussion Leads
Happy to discuss and answer any questions you may have. The people at DFINITY who were most involved and can be tagged for questions are @robin-kunzler (Product Security) and @StefanBerger-DFINIT1 (OISY).
Previous Forum Discussions about Security Assessments
-
“ckBTC and Service Nervous System (SNS) Third-Party Security Assessments” by Trail of Bits
-
“Threshold ECDSA Integration and Bitcoin Canisters - Security Review” by Trail of Bits
-
“Canister Sandboxing” by Trail of Bits
-
“Threshold ECDSA Cryptography Review” by NCC Group
-
“Internet Computer Consensus: Security Assessment” by Trail of Bits
-
“IC Assessment” by Trail of Bits