Trail of Bits
Audit Open Original ↗

MobileCoin

Type

Security review

Client

MobileCoin

Date

2022-07

Domain

Blockchain

Effort

2 wks

Section

MobileCoin

Trail of Bits's security review of MobileCoin (Jul 2022) identified 6 issues: 1 low, 4 informational, and 1 undetermined.

Findings · 6

  1. 1 Project contains vulnerable dependencies Undetermined
  2. 2 MobileCoin Foundation could infer token IDs in certain scenarios Informational
  3. 3 Token IDs are protected only by SGX Informational
  4. 4 Nonces are not stored per token Low
  5. 5 Clients have no option for verifying blockchain configuration Informational
  6. 6 Confidential tokens cannot support frequent price swings Informational

Findings extracted from the published report PDF. See the full report below for details and remediation.

Related