Mastodon Feed
nadim@infosec.exchange ("Nadim Kobeissi") wrote:
I'm pleased to announce our comprehensive cryptographic audit of Coinbase's new open-source CB-MPC library, published today!
Transparency and rigorous security assessments are core principles at Cure53, and our thorough evaluation identified two vulnerabilities—including one rated High severity—as well as several areas for optimization and further security improvements. Coinbase’s team has fully addressed all findings, significantly enhancing the robustness of the CB-MPC library.
We appreciate Coinbase’s proactive approach and close collaboration throughout this audit process, demonstrating their genuine commitment to transparency, security, and trust in the cryptocurrency ecosystem.
The complete audit report is now publicly available, and we encourage developers, security researchers, and cryptography enthusiasts to review our findings.I particularly want to thank Yehuda Lindell and his exceptional team for the opportunity to review such important and high-quality cryptographic work. Identifying actual cryptographic security findings in their library prior to publication was a point of pride for us, and their dedication and expertise greatly facilitated this collaboration and audit.
Read the full audit report here: https://github.com/coinbase/cb-mpc/blob/master/docs/cure53-audit.pdf
Read Coinbase's CB-MPC announcement here: https://www.coinbase.com/blog/introducing-coinbases-open-source-mpc-cryptography-library