Concordium Mobile Wallets’ Penetration test

Concordium
Concordium
Published in
2 min readMay 19, 2021

As a privacy-centric blockchain, we prioritize Concordium’s users’ safety.

Concordium has created and is deploying a unique solution relying on strong cryptography at its protocol level. When it comes to the user level, security is vital.

With our expected launch, we would like to share the results of the penetration tests we’ve been through and to provide the audit results.

The full report is here.

Scope

We are sharing the final report of NowSecure that was commissioned by Concordium to perform a Mobile Application Security Assessment on the StagingNet-Wallet Staging application for the iOS and Android platforms.

The scope of work is split into four categories:

  • Device
  • Network
  • Backend
  • Reverse Engineering

Findings and conclusions

“With no high risk findings on this assessment, StagingNet-Wallet Staging v0.1/0.5.37 for iOS, Android is eligible for Certification. The app was found through empirical testing to avoid significant security vulnerabilities, and does not store sensitive data insecurely. Certification may be displayed publicly, with a badge and hosted verification page, with agreement to the mobile application security certification terms of use.”

And from here?

Concordium is still under development (and will be for the foreseeable future) thus we encourage the community to help to identify potential vulnerabilities by submitting a report or alerting the team and the community on our community channels on Discord or Telegram.

We want to thank the amazing team at NowSecure for their insightful comments and suggestions. They helped us build our code better. We are satisfied with the audit returns and positive feedback and will continue to do everything to make Concordium as secure as possible.

Do you want to be one of our Champs? Join our Discord server and participate! Or help our community in other channels!

Discord: https://discord.gg/MZyHgfw

Twitter: https://twitter.com/ConcordiumNet

Telegram: https://t.me/concordium_official

Reddit: https://www.reddit.com/r/Concordium_Official

Developers Hub: https://developers.concordium.com/en/testnet4/

Learn more: https://concordium.com

Concordium Blockchain Research Center Aarhus (COBRA):https://cs.au.dk/research/centers/concordium/

--

--

Concordium
Concordium

Written by Concordium

Concordium with its Zero-knowledge ID enables the creation of regulation-ready dApps balancing decentralization, security, scalability, and regulation.