Dear Lido Audits Committee,
The Least Authority team is interested in supporting the Lido ecosystem with security audits and other security consulting services. In order to provide sustainable support and not merely a one-time audit, we are proposing a series of audits and other security support services coordinated with your ecosystem with a security roadmap.
Why us?
With our mission to support the development of usable technology solutions to advance digital security and preserve privacy as a fundamental human right, we see Lido as fundamental to empowering users and our security auditing efforts essential to enabling the effective use of it.
We offer a flexible approach where the timeline and deliverables are dependent on your current needs. We have the capability to cover a wide spectrum of Web3 ecosystems and programming languages, allowing us to provide comprehensive support to meet the diverse needs of your ecosystem. Our team has skills for reviewing code in multiple Languages, such as C, C++, Python, Haskell, Rust, Node.js, Solidity, Go, JavaScript, ZoKrates, and circom, for common security vulnerabilities and specific attack vectors. The team reviews implementations of cryptographic protocols and distributed system architecture in cryptocurrency, blockchains, payments, smart contracts, zero-knowledge protocols, and consensus protocols. Additionally, the team can utilize various tools to scan code and networks and build custom tools as necessary, and supports development teams from the design phase through the production launch and after. Our security consulting efforts allow us to advance the security of systems and contribute to the community of developers who build them. This is especially true for our clients who choose to publish the reports of the reviews we completed for them, including our review of the Ethereum 2.0 specifications for the Ethereum Foundation, along with reports for Metamask, Centrifuge, ChainSafe and others.
Commitment to transparency
We publish our audits to help developers and projects implement best practices in security, resulting in the creation of more robust and trustworthy Web3 applications. This, in turn, fosters increased adoption and investment in Web3 technologies, driving growth and economic benefits. Our dedication to raising the overall security standards within the Web3 space ensures that your ecosystem remains resilient in the face of evolving threats.
We look forward to discussing the details and possibilities of our collaboration further.
The following links provide more information about our work:
To see a list of our published audit reports: https://leastauthority.com/security-consulting/published-audits/
A blog post about our work with zero-knowledge proofs: https://leastauthority.com/blog/pioneering-zero-knowledge-proofs/
A blog post about our work with Web3 wallets: https://leastauthority.com/blog/navigating-web3-wallets-enabling-a-secure-user-experience/
For more information about our security consulting, please visit: https://leastauthority.com/security-consulting/
Please let us know if you are interested in any of our work and would like to discuss it further! You can schedule a call with us here: https://calendly.com/least-authority-security-consulting/info-session