IOTA Foundation Releases the Results of the Trinity Security Audit by SIXGEN

Announcements Jun 21, 2019

Update: The IOTA Trinity wallet is deprecated with the Chrysalis upgrade and will be replaced by the new Firefly wallet. You can easily transfer your tokens following these instructions.

We are pleased to release the results of the Trinity audit conducted by world-leading cybersecurity firm SIXGEN. A security assessment of all desktop and mobile versions (Windows, Mac, Linux, iOS and Android) revealed an overall LOW risk of compromise from external attackers. Wallet security is at the core of the Trinity team’s approach and we maintain high standards across all app areas. The audit results validate this approach and confirm the overall security of Trinity as a method for safeguarding IOTA tokens. The report can be found here.  

The audit was performed in a two-stage process. First SIXGEN conducted manual and automatic analyses of encryption methodologies, sensitive data handling, network and OS interfacing, alongside emulation of real world attack attempts. And provided remediation steps for their findings (all of low and informational risk level). Then, working together with the SIXGEN team members, the Trinity team applied the suggested remediations. And finally, the SIXGEN team reassessed and retested those remediations.

“We reviewed the security of the Trinity wallet and determined it to have a low risk of compromise from external threats,” said Ethan Dietrich, CEO, SIXGEN, “It is clear the Trinity team takes security very seriously and has applied best practices throughout the wallet’s development.”

“We reviewed the security of the Trinity wallet and determined it to have a low risk of compromise from external threats,” said Ethan Dietrich, CEO, SIXGEN, “It is clear the Trinity team takes security very seriously and has applied best practices throughout the wallet’s development.”

Trinity beta is available for download on all major mobile and desktop platforms.


IOTA Foundation

Official posts from the IOTA Foundation, and migrated posts from old platforms.