"Threshold ECDSA Integration and Bitcoin Canisters - Security Review" by Trail of Bits (third-party security audit #5)

Summary

Trail of Bits is a highly-rated cybersecurity research and consulting firm which has done security audits of dozens of blockchains. In May 2022, Trail of Bits and the DFINITY Foundation worked together to audit the design and implementation of the “integration of the threshold ECDSA signature scheme with its consensus protocol and Bitcoin canister and adapter.”

Please note the “exposure analysis”:

  • High - 0 issues found
  • Medium - 1 issue found
  • Low - 1 issue found
  • Informational - 1 issue found
  • Undetermined - 1 issue found

Review Documents

  1. Threshold ECDSA Integration and Bitcoin Canisters - Security Review - Executive Summary

  2. Threshold ECDSA Integration and Bitcoin Canisters - Security Review - Fix Review

Previous Security Reviews

You can find a list of previous security reviews on the IC wiki:

https://wiki.internetcomputer.org/wiki/Third-party_security_audits.

Discussion leads

The person at DFINITY who was most involved and can best answer questions is @robin-kunzler of the DFINITY Crypto team.

18 Likes

Love the transparency with you guys. Thank you for the update!

3 Likes