Grin Security Audit
Coinspect published Grin Audit Report, which fully describes the engagement scope, details of issues identified, and how Grin handled the vulnerabilities.
Summary
During February 2019, Coinspect conducted a security audit of the Grin project’s MimbleWimble blockchain implementation.
Coinspect found the project source code to be clearly organized and readable. Grin team has clearly made security a top priority concern in its project development.
We would like to highlight the Grin team’s prompt and transparent response to the only critical vulnerability we found, which resulted in an almost immediate fix and Grin’s disclosure of CVE-2019–9195.
It is worth noting that even though the project was coded in Rust, the audit team found vulnerabilities that resulted in remote code execution and memory corruption.
