Coinspect published Grin Audit Report, which fully describes the engagement scope, details of issues identified, and how Grin handled the vulnerabilities.

Summary

During February 2019, Coinspect conducted a security audit of the Grin project’s MimbleWimble blockchain implementation.

Coinspect found the project source code to be clearly organized and readable. Grin team has clearly made security a top priority concern in its project development.

We would like to highlight the Grin team’s prompt and transparent response to the only critical vulnerability we found, which resulted in an almost immediate fix and Grin’s disclosure of CVE-2019–9195.

It is worth noting that even though the project was coded in Rust, the audit team found vulnerabilities that resulted in remote code execution and memory corruption.

Keep reading …

Security for a Decentralized World

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store