[Grant Update] Zcash Ecosystem Security Lead

Thank you for doing this audit by request, appreciate it!

:zebra: :shield: :hearts:

4 Likes

This is our February report:

Security Audits:

  • We completed the audit of the Zcash integration for the Keystone Wallet.
  • We started and completed the audit of the Frost Server + Client (Demo)
  • We started and completed the audit of the Kotlin + Swift Payment URIs
  • We started the audit of P2PE2E
  • We started the audit of Coin Voting 2.0
  • We published the audit report for the Decred DEX Zcash (ZEC) integration

Consultations:

  • We did not complete any short consultation sessions in February.

Community engagement:

  • We have been planning participation in some events to highlight Zcash, the community and our role, from the perspective of security diligence.
  • We continued our communications with the projects in the ecosystem, especially with so many audits in parallel. We estimated a few upcoming reviews and have been planning with the ZCG.

It was a busy month for us :sweat_smile: If you have any security needs, especially for Q2 2025, please reach out to us asap!

8 Likes

On March 12, we’ll be participating in a panel, “Enhancing Zcash Security w/ Least Authority and Zcash” hosted by the Open Source Technology Improvement Fund (OSTIF). And @pacu will also be talking with us!

Sign up to join the event: Enhancing Zcash Security w/ Least Authority and Zcash · Zoom · Luma

9 Likes

This is our March report:

Security Audits:

Consultations:

  • We did not complete any short consultation sessions.

Community engagement:

  • We are working with the teams to address issues found and suggestions made before publishing more Final Audit Reports.

If you have any security needs, especially for Q2 or Q3, please reach out to us!

9 Likes

This is our April report:

Security Audits:

Consultations:

  • We did not complete any short consultation sessions.

Community engagement:

  • We are working with the teams to address issues found and suggestions made before publishing more Final Audit Reports.

As usual, if you have any security needs, please reach out to us!

10 Likes

Can you audit my fork of Zebra launcher that adds a map visualization of peer nodes?

6 Likes

Hi @Milton. I’ve forwarded your request to Least Authority and asked them to estimate how many hours the audit would take. We should hear back from them early next week and will follow up with you then. Thanks.

2 Likes

This is our May report:

Security Audits:

  • We checked on the status of a few outstanding verification reviews and estimated one new potential audit.

Consultations:

  • We did not complete any short consultation sessions.

Community engagement:

  • As noted above, we are working with some teams to address issues found and suggestions made for verification reviews necessary before publishing more Final Audit Reports.

If you have any security needs or would like to plan an audit for 2025, please reach out to us!

7 Likes

This is our June 2025 report:

Security Audits:

  • We completed the verification review and the Final Audit Report for the Kotlin + Swift Payment URIs review.
  • We checked on the status of the remaining outstanding verification reviews and estimated two new potential audits.

Consultations:

  • We did not complete any short consultation sessions.

Community engagement:

  • As noted above, we are working with some teams to address outstanding issues and potential audit projects.

If you have any security needs - please reach out to us!

6 Likes

This is our July 2025 report:

Security Audits:

  • We completed the verification review and delivered the Final Audit Report for the P2PE2E review.
  • We completed the verification review and delivered the Final Audit Report for the Lightwalletd infrastructure review.

Consultations:

  • We did not complete any short consultation sessions.

Community engagement:

  • We are working with the ZCG Committee and some teams to plan potential audit projects.

If you have any security needs - please reach out to us!

4 Likes

As the last weekday in the month, this is our August 2025 report:

Security Audits:

  • Today, we will be completing our initial audit of the Zebra NU6.1 Network Upgrade changes and delivering our Initial Audit Report.

Consultations:

  • We also started consulting on the ZavaX Oracle Threat Model and we will finish this first iteration next month.

Community engagement:

  • We are working with the ZCG Committee and some teams to plan potential audit projects.

As always, please reach out to us with any security-related questions or projects! You can post here or reach out to us directly: Security Consulting - Least Authority

6 Likes

Quick update: the Final Audit Report for the Kotlin + Swift Payment URIs has been published to the Least Authority website. The full report is available here: Zcash - Kotlin and Swift Payment URI Prototypes - Least Authority

3 Likes

This is our September 2025 report:

Security Audits:

Consultations:

  • We finished the first iteration of consulting on the ZavaX Oracle Threat Model.

Community engagement:

  • We are working with the ZCG Committee and some teams to plan potential audit and consulting projects.

Please reach out to us with any security-related questions or projects! You can post here or reach out to us directly: Security Consulting - Least Authority

2 Likes

Hi @Liz315,

@ZecHub is interested/considering using Zkool for its FROST support with some of our wallets, but would feel more comfortable if an audit was completed. If your team could help with that we would be very grateful!

Thank you,

dismad

3 Likes

Our October 2025 report:

Security Audits:

  • We didn’t work on any security audits in October.

Consultations:

  • We started and completed the first phase with Zashi: we reviewed their Risk Model and provided feedback.

Community engagement:

  • We are working with the ZCG Committee and some teams to plan further audits and consulting projects.

Please let us know if you need assistance with security-related questions or projects! You can post here or reach out to us directly: Security Consulting - Least Authority

3 Likes

Here’s Least Authority’s audit report on the Coin Voting 2.0 protocol from March 2025. It looks like it was never posted to this thread.

250325_ZCG_Coin_Voting_2.0_Final_Audit_Report.pdf (529.7 KB)

1 Like

Our November 2025 report (it was a busy month!):

Security Audits:

  • We completed an audit of Zebra ZIP-233 + Implementation (NU7).

  • We started an audit of Zkool2, which will be completed in December.

  • As a second phase, following the Risk Model review we did in October, we started a code audit of the Zashi wallet, which will be completed in December.

  • We completed the verification review and delivered the Final Audit Report for the changes made to Zebra for the NU6.1 network upgrade.

Consultations:

  • No consultations were completed in November.

Community engagement:

  • We are working with the ZCG Committee and some teams to plan further audits and consulting projects.

Please let us know if you need assistance with security-related questions or projects! You can post here or reach out to us directly: Security Consulting - Least Authority

4 Likes

Our audit report for Coin Voting 2.0 is now published and available for review on the Least Authority website. Zcash - Coin Voting 2.0 - Least Authority

2 Likes