1 min read Technology

Ethereum Security Review

The Ethereum Foundation selected Taurus to lead a security review of beacon clients (Lighthouse, Nimbus, Prysm, Teku), a joint project with TomskUni & UCL. Today we publish our full report, disclosing 35 security issues and improvement proposals
Ethereum Security Review

In May 2021, the Ethereum Foundation selected Taurus to lead a security review of Ethereum beacon clients, which are the applications powering the "Ethereum 2.0" updates, in collaboration with Tomsk University (Russia) and UCL (UK). After 3 months of work and intense scrutiny of Ethereum's code and specification,  today we finally publish our results.

Our report covers the four main beacon clients: Lighthouse (in Rust), Nimbus (in Nim), Prysm (in Go), and Teku (in Java), and describes more than 35 security improvements and bugs, most of which have already been addressed by the application developers after receiving our reports.  Apart from security features related to cryptography and networking, we analysed Ethereum's software susceptibility to so-called supply-chain attacks, or sabotage risks leveraging the large number of dependencies in modern software.

We're happy to contribute to the security of Ethereum, the leading blockchain platform, and a vibrant community designing and deploying innovating techniques for scalability and security. We would like to thank the Ethereum Foundation for supporting this project.

Download the report PDF, and read a related post we co-authored.

You might also like...

May
31
MPC and smart contracts: same but different

MPC and smart contracts: same but different

Multi-party computation (MPC) and smart contracts are often seen as witchcraft. But they're fundamentally very simple, and in fact similar in spirit once you abstract things away a bit.
5 min read
May
09

Quantum doomsday planning (2/2): The post-quantum technology landscape

This post aims to assist you in assessing the risk of quantum computing to your organization’s IT assets. This
14 min read
Feb
24
CODE41 tokenises its shares for a capital increase amongst its community through Taurus technology

CODE41 tokenises its shares for a capital increase amongst its community through Taurus technology

CODE41, the Swiss-based watchmaking company, will leverage Taurus technology to tokenise its shares for its capital increase amongst its community.
1 min read
Dec
05
Bank Syz selected Taurus for its new digital asset offering

Bank Syz selected Taurus for its new digital asset offering

Bank Syz selected Taurus to launch its digital asset offering. The Bank has integrated Taurus-PROTECT and Taurus-EXPLORER solutions for the secure custody of digital assets and connectivity to different blockchains.
2 min read
Nov
01
Taurus SA Joins Acurast As Data Transmitter

Taurus SA Joins Acurast As Data Transmitter

Acurast, allows developers to integrate price feeds, verifiable randomness, or any other off-chain data or computation for their decentralized applications in various ecosystems such as Polkadot, Tezos, NEAR, and more
2 min read