Towo Labs engaged FYEO to perform a secure code review of the Bifrost Wallet.
Bifrost Wallet is a secure and private self-custody crypto wallet, with the user in complete control of their own keys and crypto assets. It serves as a digital keychain, NFT and Web3 browser for 10+ blockchains such as Flare, Songbird and XRP Ledger.
The report summarizes the engagement, tests performed, and findings. It also contains detailed descriptions of the discovered vulnerabilities, steps the FYEO Security Team took to identify and validate each issue, as well as any applicable recommendations for remediation.
The FYEO Process
When FYEO performs an assessment, we focus on the code committed at a specific time when the code base is feature complete.
Our goal is to give our clients the following:
A better understanding of its security posture and help them identify current and future risks in its deployed chain & contract infrastructure.
An opinion on what security measures are in place regarding maturity, adequacy, and efficiency.
Identify potential issues, including loss of funds scenarios, and include improvement recommendations based on the result of our assessment.
Give the development team a better understanding of writing and maintaining more secure code. The incremental increase of security is part of the overall increased quality of the project.
Findings & Report
During the Secure Code Review of the Bifrost Wallet, we discovered:
3 findings with MEDIUM severity rating.
4 findings with LOW severity rating.
4 findings with INFORMATIONAL severity rating.
Following the audit, the Bifrost Wallet team worked in conjunction with the FYEO team to remediate all security vulnerabilities identified.
Please see the attached full report to learn more!