1. BITBILIHome
  2. Article

Worldcoin Protocol Successfully Passes Security Audits by Nethermind and Least Authority

25 views

TL;DR Breakdown

  • Worldcoin, a blockchain-based protocol, has successfully passed two separate security audits conducted by Nethermind and Least Authority.
  • The audits began in April 2023 and covered various aspects of the Worldcoin protocol, including its cryptographic constructs, smart contracts, and resistance to potential attacks.

Description

Worldcoin, a blockchain-based protocol, has recently undergone two separate security audits conducted by renowned audit firms Nethermind and Least Authority. The audits began in April 2023 and focused on various aspects of the Worldcoin protocol, including its cryptographic constructs, smart contracts, and resistance to potential attacks. The results of these audits have now been made … Read more

Worldcoin, a blockchain-based protocol, has recently undergone two separate security audits conducted by renowned audit firms Nethermind and Least Authority. The audits began in April 2023 and focused on various aspects of the Worldcoin protocol, including its cryptographic constructs, smart contracts, and resistance to potential attacks. The results of these audits have now been made public, demonstrating Worldcoin’s commitment to transparency and security.

Worldcoin’s protocol, which includes both off-chain and on-chain components, is based on Semaphore from the Ethereum PSE group. The protocol’s implementation, including its use of cryptographic constructs and smart contracts, is documented in the Worldcoin whitepaper.

The Scope of the Audits

The audits covered a broad range of areas, including the correctness of the implementation, common and case-specific implementation errors, adversarial actions, secure key storage, and resistance to DDoS attacks. Other focus areas included potential vulnerabilities leading to adversarial actions, protection against malicious attacks, performance issues, data privacy, and inappropriate permissions.

Nethermind’s audit focused on the protocol’s smart contracts, which include the World ID contracts, the World ID state bridge, the World ID example airdrop contracts, the Worldcoin tokens (WLD) grants contracts, and the WLD ERC-20 token contract and its associated vesting wallet. Of the 26 items that surfaced during this security assessment, 92.6% (24) were identified as fixed after the verification stage, while one was mitigated and the remaining one was acknowledged.

Least Authority, on the other hand, concentrated on the protocol’s use of cryptography. This included the Semaphore protocol and the enhancements made to scale the protocol in a more gas-efficient manner. The team identified three issues and offered six suggestions, all of which have either been resolved or have planned resolutions. The Least Authority report stated, “We found that the cryptographic component of the Worldcoin Protocol is generally well-designed and implemented.”

In some cases, items identified were due to the protocol’s dependencies on Semaphore and Ethereum, such as elliptic curve precompile support or Poseidon hash function configuration.

The Backstory of Worldcoin

Worldcoin first rose to prominence in 2021 when it announced that it would give away free tokens to any users who verify their humanness, which they could do by having their iris scanned by a device called an “Orb.” The project was co-founded by Sam Altman, the co-founder of AI developer OpenAI. At the time, Altman and other team members argued that AI bots would become an increasing problem on the internet if people didn’t find a way to verify their humanness without giving up their privacy. According to the protocol’s documentation, The Orb produces a hash of the user’s iris scan but does not keep a copy of the iris scan.

Controversies and Criticisms

Worldcoin initiated its public launch on July 25, after nearly two years of development and beta testing. But criticism of it erupted almost immediately. The United Kingdom’s Information Commissioner’s Office (ICO) reportedly said the government body was deciding whether to investigate the project for violating the country’s data protection laws. French data protection agency CNIL also questioned Worldcoin’s legality. The crypto community was divided over the project’s launch, with some participants seeing it as the start of a dystopian future where privacy would be eliminated. In contrast, others saw it as a necessary step towards protecting humans against malicious AIs.

Worldcoin aims to establish a proof of personhood that is decentralized, privacy-preserving, open-source, and accessible to everyone. The successful completion of these audits is a significant step towards achieving this goal, demonstrating the robustness and security of the Worldcoin protocol.

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

文章来源于互联网:Worldcoin Protocol Successfully Passes Security Audits by Nethermind and Least Authority

Disclaimers:

1. You are solely responsible for your investment decisions and this info is not liable for any losses you may incur.

2. The copyright of this article belongs to the writer, it represents the writer's opinions only, not represents the site's ones. Not financial advice.

Previous 2023年7月29日 17:09
Next 2023年7月29日 17:59

Related articles

  • Crypto storage provider Zodia Custody launch in Singapore

    TL;DR Breakdown Zodia Custody, a subsidiary of Standard Chartered (STAN), has officially launched its cryptocurrency storage services in Singapore. The establishment of Zodia Custody in Singapore signifies a unique convergence of traditional financial institutions with digital asset firms within the country.  Description Zodia Custody, a subsidiary of Standard Chartered (STAN), has officially launched its cryptocurrency storage services in Singapore. The firm has established a new entity known as Zodia Custody (Singapore) Pvt. Limited and has appointed Kai Kano, the former managing director of Bitgo, as its inaugural CEO. This move by Zodia Custody comes as Singapore witnesses … Read more Zodia Custody, a subsidiary of Standard Chartered (STAN), has officially launched its cryptocurrency storage services in Singapore. The firm has established a new entity known as Zodia Custody (Singapore) Pvt. Limited and has appointed Kai Kano, the former managing director of Bitgo, as its inaugural CEO. This move by Zodia Custody comes as Singapore witnesses a burgeoning interest in digital asset custody services, particularly among financial institutions. Notably, Zodia Custody has strategically entered the Singaporean market before it becomes a…

    Article 2023年9月13日

  • US-China tech clash heats up: Beijing’s export move

    TL;DR Breakdown China has imposed export restrictions on gallium and germanium, key elements used in semiconductors and electric vehicles, causing global supply chain disruptions. This move is viewed as Beijing’s counter to U.S. attempts to hinder China’s technological progress, escalating the ongoing U.S.-China tech trade war. Fears of potential restrictions on rare earth exports are surfacing, given China’s dominance in their production. Description The temperature in the tech arena between the United States and China is escalating, as Beijing’s recent maneuver in the export sector introduces a new dynamic to this complex relationship. In an unexpected move, China has clamped down on the export of two essential metals, gallium and germanium, largely utilized in the manufacture of semiconductors … Read more The temperature in the tech arena between the United States and China is escalating, as Beijing’s recent maneuver in the export sector introduces a new dynamic to this complex relationship. In an unexpected move, China has clamped down on the export of two essential metals, gallium and germanium, largely utilized in the manufacture of semiconductors and electric vehicles. Businesses…

    Article 2023年7月6日

  • FedNow launch imminent: Key details finally revealed

    TL;DR Breakdown The U.S Federal Reserve is set to launch FedNow, a service allowing real-time fund transfers 24/7. FedNow will partner with 41 banks and 15 service providers initially, including major and community banks. The system allows direct settlements in central bank accounts, different from intermediary services like PayPal. Description The much-anticipated FedNow service, the product of the U.S. Federal Reserve’s painstaking endeavors, is primed for an imminent launch. Positioned to revolutionize the United States payment system, FedNow promises instant fund transfers 24/7 for all Americans. This major leap forward aims to streamline transactions and put an end to the multi-day waiting period that’s been … Read more The much-anticipated FedNow service, the product of the U.S. Federal Reserve’s painstaking endeavors, is primed for an imminent launch. Positioned to revolutionize the United States payment system, FedNow promises instant fund transfers 24/7 for all Americans. This major leap forward aims to streamline transactions and put an end to the multi-day waiting period that’s been a bottleneck in domestic financial exchanges. Bringing real-time payments to the forefront FedNow’s conception dates back to…

    Article 2023年7月21日

  • Revolut Ceases Offering Solana, Cardano, and Polygon Tokens to US Users

    TL;DR Breakdown Revolut will no longer offer Solana, Cardano, and Polygon tokens to its US customers due to Bakkt’s decision to delist these cryptocurrencies. The move is a response to the SEC’s classification of the tokens as unregistered securities and reflects a larger trend of platforms adjusting their crypto offerings Description Revolut, a prominent UK-based fintech app, has made the decision to discontinue providing Solana (SOL), Cardano (ADA), and Polygon (MATIC) tokens to its customers in the United States. This move follows the delisting of these cryptocurrencies by its provider, Bakkt Holdings Inc., in response to the US Securities and Exchange Commission’s (SEC) classification of these … Read more Revolut, a prominent UK-based fintech app, has made the decision to discontinue providing Solana (SOL), Cardano (ADA), and Polygon (MATIC) tokens to its customers in the United States. This move follows the delisting of these cryptocurrencies by its provider, Bakkt Holdings Inc., in response to the US Securities and Exchange Commission’s (SEC) classification of these tokens as unregistered securities. As regulatory scrutiny intensifies within the crypto industry, Revolut’s decision reflects the…

    Article 2023年7月6日

  • ZkSync co-creator controversial novel hierarchical onchain court system proposal 

    TL;DR Breakdown Alex Glochowski, co-creator of Ethereum’s layer 2 scaling solution zkSync, recently unveiled an innovative governance proposal called L1 Fork, which serves as a Court of Final Appeal within the blockchain ecosystem. He emphasized the limitations of the fork choice resolution, highlighting that assets bridged from Ethereum cannot be easily forked.   An essential feature of this proposal is the introduction of an appeal period, during which the court’s decisions can be challenged, followed by a response from the court. Description Alex Glochowski, co-creator of Ethereum‘s layer 2 scaling solution zkSync, recently unveiled an innovative governance proposal called L1 Fork, which serves as a Court of Final Appeal within the blockchain ecosystem. This groundbreaking concept aims to address the inherent risks associated with the implementation of smart contracts and introduce a hierarchical system of on-chain courts … Read more Alex Glochowski, co-creator of Ethereum‘s layer 2 scaling solution zkSync, recently unveiled an innovative governance proposal called L1 Fork, which serves as a Court of Final Appeal within the blockchain ecosystem. This groundbreaking concept aims to address the inherent risks associated…

    Article 2023年9月4日
TOP