Is there an audit report for v2? #304
Comments
|
The 2019 audit report includes security findings and fixes implemented. Can you share with us what are some of your concerns about v2.0.0? |
|
I'd like to know if the 84 commits between v1.1.1 and v2.0.2 have been reviewed by an independent 3rd party and is the report is public? I wasn't able to find any additional reports in this repo and I am hoping it's available but hasn't been uploaded. I am not a cryptograpy expert so I have to use 3rd party audits and whether the code has been battle tested in public to determine the security and safety of it. I am with one of the many projects who rely on a fork of TSS-lib and we're trying to determine the best path forward whether we rely on your recent upgrades or go our own direction. I appreciate any help and insights into how the code has been verified and tested. Thanks |
|
Any information you can share here? And which version do you run internally? |
Is there a public audit report for version 2.0.0? It seems like you fixed a number of audit findings but there is no public report verifying the fixes or that new bugs were not introduced.
The text was updated successfully, but these errors were encountered: