Looking for Parity Ethereum client? Get it here.

Parity Technologies enlists Trail of Bits to lead security review

Image Phil Lucsok
Product communications manager @ Parity Technologies
February 09, 2018 in Security

After receiving many proposals from security auditing firms, we are excited to announce that we have chosen Trail of Bits to review and, if indicated, improve the security of our code.

With the rapid adoption of blockchain technologies, security has an even greater meaning for us, which is why we are focused on finding the best ways to identify and fix vulnerabilities and provide the community with best practices going forward.

We chose Trail of Bits because their team of experts brings decades of security knowledge to the field of smart contracts, they have vast experience with Solidity and Rust and rapid command of the latest developments in Ethereum security. Their team can dig deeper into the construction of smart contracts especially because of their analysis tools, including Manticore and Ethersplay.

Trail of Bits will focus on the most critical components of our code including key generation and storage, both Rust implementations of personal wallets and our Javascript code for web-accessible public wallets and mobile signer apps. Other areas included in the review will be our JSON RPC implementations and smart contracts, starting with the most critical ones.

The first reviews are already underway and as we advance, we will publish the results of the upcoming audits. Sharing these learnings will improve our code both now and moving forward, and also help the community learn the importance of building strong and secure distributed systems.

In addition, we are benefiting from comprehensive training in using security-enhancing tools as well as regular consultations in overall improving processes.

The movement towards decentralised systems requires the public to place a great deal of trust in this new technology, which is why ensuring the security of our code is essential for our vision to be accomplished.

If you are interested in helping, check out our bug bounty program we announced last July, and stay tuned for more updates to come.

More recent stories

October 12, 2018

Parity Ethereum 2.1.2-beta: Constantinople coming to Kovan and Ropsten

Read More
October 11, 2018

Parity Signer v2.0 Beta: New features and improved security

Read More

Join the discussion: