Matomo

Filling cryptography and security gaps in Temple Wallet | Cossack Labs

🇺🇦 We stand with Ukraine, and we stand for Ukraine. We offer free assessment and mitigation services to improve Ukrainian companies security resilience.

Case Temple Wallet Cryptocurrency

Filling cryptography and security gaps in Temple Wallet

Temple Wallet audit results

In the public reports, we summarised the security assessment of Temple Wallet apps: the process, a list of findings and their status, and theoretical and practical concerns. We would like to note a solid security-oriented engineering effort of the Madfish team in building and securing the apps. Read details below.

Industry

  • Fintech

  • Blockchain

  • Cryptocurrency

Technology stack

  • React Native (iOS, Android)

  • Web extension (Chrome, Firefox)

  • LPoS

Regulations

  • Typical fintech security requirements

  • Encryption Export Regulations

Challenges

Technology requirements

Encrypt data at rest

Multi-platform solution

Financial app security built into UX

Our approach

Understanding blockchain security threats

Building mobile/web platform-specific security controls

Integrating reliable cryptographic tools

Solution

Additional relevant materials

Products and services involved

Mobile apps security

Mobile apps security

Mobile wallets give a gateway to the blockchain backend infrastructure and become a target for curious and malicious users: phishing and API abuse, creation and distribution of app clones. Mobile app security measures prevent these threats.

Read more
Cryptography engineering

Cryptography engineering

Implementing cryptography is hard, even in cryptocurrency applications. We audited the cryptographic core, found weaknesses, suggested fixes, and implemented a more reliable cross-platform cryptographic layer.

Read more
Security engineering

Security engineering

From security architecture to devsecops—we recommended numerous security controls and processed to ensure that wallets will get a high-security bar and stay there.

Read more
Themis

Themis

We suggested a cryptographic library Themis as a building block to unify applications' encryption layer across mobile (React Native) and web extension (WASM).

Read more

Benefits

The Temple Wallet web extension and mobile apps are now synced in their security guarantees and provide defence in depth protection for the user’s data. With a security baseline similar to financial apps, the Temple Wallet uses platform-specific security controls to protect user's cryptocurrency accounts inline with the industry best practices.

Results and outcomes

Smooth and maintainable security

Web, mobile, and cloud platforms bring unique threats but provide platform-specific security controls. Combining "boring" traditional application security with platform-specific measures results in reliable protection. Talk to us if you build cross-platform applications to take your appsec to the next level.

Contact us

Get whitepaper

Thank you!
We’ve received your request and will respond soon.