Matomo

Crypto wallet security assessment for Temple Wallet | Cossack Labs

🇺🇦 We stand with Ukraine, and we stand for Ukraine. We offer free assessment and mitigation services to improve Ukrainian companies security resilience.

Case Temple Wallet DeFi SEP 2021 - MAY 2022

Crypto wallet security assessment for Temple Wallet

Temple Wallet audit results

In the public reports, we summarised the security assessment of Temple Wallet apps: the process, a list of findings and their status, and theoretical and practical concerns. We'd like to highlight the Madfish team's solid security-oriented engineering effort in building and securing the apps. Read details below.

Industry

  • Fintech

  • Blockchain

  • Cryptocurrency

Technology stack

  • React Native (iOS, Android)

  • Web extension (Chrome, Firefox)

  • LPoS

Regulations

  • Typical fintech security requirements

  • Encryption Export Regulations

Challenges

Technology requirements

Encrypt data at rest

Multi-platform solution

Financial app security built into UX

Our approach

Understanding blockchain and non-custodial wallet security threats

Building mobile/web platform-specific security controls

Integrating reliable cryptographic tools

Solution

Additional relevant materials

Products and services involved

Mobile apps security

Mobile apps security

Mobile wallets give a gateway to the blockchain backend infrastructure and become a target for curious and malicious users: phishing and API abuse, app cloning and distribution. Mobile app security measures prevent these threats.

Read more
Cryptography engineering

Cryptography engineering

Implementing cryptography is hard, even in cryptocurrency applications. We audited the cryptographic core, found weaknesses, suggested fixes, and implemented a more reliable cross-platform cryptographic layer.

Read more
Security engineering

Security engineering

From security architecture to DevSecOps—we recommended numerous security controls and processes to ensure that wallets achieve and maintain a high-security bar.

Read more
Themis

Themis

We suggested a cryptographic library Themis as a building block for unifying the applications' encryption layer across mobile (React Native) and web extension (WASM).

Read more

Benefits

The Temple Wallet web extension and mobile apps are now synced in their security guarantees and provide defence in depth protection for the user’s data. With a security baseline similar to financial apps, the Temple Wallet uses platform-specific security controls to protect users' cryptocurrency accounts in line with industry best practices.

Results and outcomes

Smooth and maintainable security

Web, mobile, and cloud platforms bring unique threats but provide platform-specific security controls. Combining "boring" traditional application security with platform-specific measures results in reliable protection. Talk to us if you build cross-platform applications and want to take your appsec to the next level.

Contact us

Get whitepaper

Thank you!
We’ve received your request and will respond soon.