Concordium Mobile Wallets’ Penetration test
As a privacy-centric blockchain, we prioritize Concordium’s users’ safety.
Concordium has created and is deploying a unique solution relying on strong cryptography at its protocol level. When it comes to the user level, security is vital.
With our expected launch, we would like to share the results of the penetration tests we’ve been through and to provide the audit results.
The full report is here.
Scope
We are sharing the final report of NowSecure that was commissioned by Concordium to perform a Mobile Application Security Assessment on the StagingNet-Wallet Staging application for the iOS and Android platforms.
The scope of work is split into four categories:
- Device
- Network
- Backend
- Reverse Engineering
Findings and conclusions
“With no high risk findings on this assessment, StagingNet-Wallet Staging v0.1/0.5.37 for iOS, Android is eligible for Certification. The app was found through empirical testing to avoid significant security vulnerabilities, and does not store sensitive data insecurely. Certification may be displayed publicly, with a badge and hosted verification page, with agreement to the mobile application security certification terms of use.”
And from here?
Concordium is still under development (and will be for the foreseeable future) thus we encourage the community to help to identify potential vulnerabilities by submitting a report or alerting the team and the community on our community channels on Discord or Telegram.
We want to thank the amazing team at NowSecure for their insightful comments and suggestions. They helped us build our code better. We are satisfied with the audit returns and positive feedback and will continue to do everything to make Concordium as secure as possible.
Do you want to be one of our Champs? Join our Discord server and participate! Or help our community in other channels!
Discord: https://discord.gg/MZyHgfw
Twitter: https://twitter.com/ConcordiumNet
Telegram: https://t.me/concordium_official
Reddit: https://www.reddit.com/r/Concordium_Official
Developers Hub: https://developers.concordium.com/en/testnet4/
Learn more: https://concordium.com
Concordium Blockchain Research Center Aarhus (COBRA):https://cs.au.dk/research/centers/concordium/