Worldcoin has published its first security audit report conducted by Nethermind and Least Authority, security auditing firms. This comes in the wake of several concerns about the level of safety embedded in the project.
Worldcoin aims to create a new identity and financial network owned by everyone. The project includes a privacy-preserving digital identity (World ID) and a digital currency (WLD) distributed to individuals simply for being human.
The goal is to increase economic opportunities, differentiate humans from AI online while preserving privacy, enable global democratic processes, and potentially explore AI-funded Universal Basic Income (UBI).
While the mainnet was officially launched on July 24, 2023, the UK, France, and Germany have expressed concerns about the operations of the project related to data safety of users. This has triggered investigations on how Worldcoin operates in the listed countries.
Concerns and recommendations for Worldcoin
During the audits, the Worldcoin development team took note of several issues and suggestions discovered by the auditing firms. While some of the issues have been resolved, others are planned to be addressed in the future.
One of the issues that has been successfully resolved is related to secret values not being zeroized, which has enhanced the security of the protocol.
Additionally, the matter of Current CRS Generation, rendering proofs insecure, has also been resolved, further strengthening the robustness of the protocol.
Conversely, configuring Poseidon Hash Function Parameters to achieve a 128-bit security level, ensuring a higher level of protection in the Worldcoin ecosystem, is an example of issues that are planned to be resolved in the future.
The AWS Key Management Service Signing Mechanism which Worldcoin uses, is another aspect that will be addressed in the future to fortify the protocol’s security posture.
Worldcoin expressed its dedication to ensuring the security of its blockchain protocol by committing to thorough security audits and promptly addressing any issues that may arise from these audits. They emphasized their focus on creating a robust and secure system through this approach.