Worldcoin Orb Software Passes Rigorous Security Audit 

Aiden Kiprop
By Aiden Kiprop 3 Min Read

Worldcoin Orb software has passed a rigorous security audit by Trail of Bits in collaboration with Tools For Humanity (TFH), validating the platform’s strong privacy protections and earning praise for its trustworthiness.

The audit, conducted on a software version frozen on July 8th, 2023, showcased the project’s unwavering commitment to safeguarding user data and upholding stringent security standards.

The comprehensive audit, spanning multiple weeks and involving a team of seasoned consultants, delved into key assertions put forth by TFH. These assertions, tailored to the software release frozen in July 2023, focused on critical aspects such as data collection, encryption practices, and the handling of sensitive information.

One of the standout findings from the audit was the confirmation that the orb software, in its latest iteration, refrains from storing any data on the SSD, regardless of the data custody option selected. This move underscores Worldcoin’s dedication to data privacy and protection.

Furthermore, the audit scrutinized the orb’s interaction with user devices, particularly during the signup process. Trail of Bits’ meticulous analysis revealed that the orb does not extract additional data from users’ devices, providing assurance to users regarding the protection of their personal information.

In response to potential vulnerabilities identified during the assessment, proactive measures were taken to enhance the software’s security posture. For instance, the audit highlighted the transition from the ZBar library to a more secure, pure-Rust barcode scanning library, rxing, mitigating potential memory safety issues.

The audit also validated the secure handling of users’ iris codes, affirming that sensitive information is not persistently stored on the orb and is transmitted securely to the backend.

While acknowledging the existing security measures, Trail of Bits provided recommendations for further strengthening the security configuration to fortify the overall resilience of the system.

The audit report, available for public scrutiny, encapsulates a detailed analysis of the orb software, including findings, remedial actions, and insights into the verification of the claims outlined by TFH.

Share This Article
Leave a comment
WP2Social Auto Publish Powered By :