Mainnet Milestone: BLS and Hash Review
As mainnet draws ever nearer, we are pleased to share the results of another audit, this time covering our foundational cryptographic libraries and implementation.
Conducted by Jean-Philippe Aumasson, a widely recognized authority in the cryptographic field with hundreds of publications, we are able to share the results.
Jean-Philippe is a cryptography heavyweight, and is the co-founder and Chief Security Officer at Taurus SA, as well as being the author of multiple cryptography books and working on a wide variety of blockchain-based cryptographic projects and protocols.
Being the main author of publications in the field of BLS signature, hashing, and cipher, it was a clear that there is no-one more qualified than him to analyse the security of our core crypto libraries, and assess adherence of the code to the highest standard of quality.
The Process
JP outlines the process in the audit, explaining that he and his team reviewed the code for Rust-related issues as well cryptographic ones, while also checking the implementation.
They ran multiple tests, and overall found very few security issues, showing that our protocol is robust and well-implemented.
The Report
We are pleased to report that the report was positive overall, showing that our implementation and use within the Dusk protocol stands up well to testing, and that the implementation is adhering quite strictly with the specifications. We were pleased that JP and his team didn’t find any critical nor major issue, and are grateful for the smaller but useful improvements they advised us to introduce.
We took all of their findings into account, and are pleased with their work and the outcome.
Thank you to everyone involved!
You can read the full report here.
You can find the Audit repository on Github. We will add reports here as they become available.
Thank you to JP Aumasson for his detailed and thorough audit, and such a full and complete report.