Back to blog

Parity Technologies enlists Trail of Bits to lead security review

After receiving many proposals from security auditing firms, we are excited to announce that we have chosen Trail of Bits to review and, if indicated, improve the security of our code.

With the rapid adoption of blockchain technologies, security has an even greater meaning for us, which is why we are focused on finding the best ways to identify and fix vulnerabilities and provide the community with best practices going forward.

We chose Trail of Bits because their team of experts brings decades of security knowledge to the field of smart contracts, they have vast experience with Solidity and Rust and rapid command of the latest developments in Ethereum security. Their team can dig deeper into the construction of smart contracts especially because of their analysis tools, including Manticore and Ethersplay.

Trail of Bits will focus on the most critical components of our code including key generation and storage, both Rust implementations of personal wallets and our Javascript code for web-accessible public wallets and mobile signer apps. Other areas included in the review will be our JSON RPC implementations and smart contracts, starting with the most critical ones.

The first reviews are already underway and as we advance, we will publish the results of the upcoming audits. Sharing these learnings will improve our code both now and moving forward, and also help the community learn the importance of building strong and secure distributed systems.

In addition, we are benefiting from comprehensive training in using security-enhancing tools as well as regular consultations in overall improving processes.

The movement towards decentralised systems requires the public to place a great deal of trust in this new technology, which is why ensuring the security of our code is essential for our vision to be accomplished.

If you are interested in helping, check out our bug bounty program we announced last July, and stay tuned for more updates to come.

Read more

Back to blog