{"id":1530,"date":"2021-07-06T16:27:50","date_gmt":"2021-07-06T15:27:50","guid":{"rendered":"https:\/\/www.xdefi.io\/?p=1530"},"modified":"2022-04-22T15:05:13","modified_gmt":"2022-04-22T14:05:13","slug":"kudelski-security-audit","status":"publish","type":"post","link":"https:\/\/www.xdefi.io\/fr\/kudelski-security-audit\/","title":{"rendered":"Kudelski Architecture and Code Review &#8211; 2021"},"content":{"rendered":"<h2 id=\"1f54\" class=\"pw-post-body-paragraph hy hz hb ia b ib ic id ie if ig ih ii ij ik il im in io ip iq ir is it iu iv gu fd\" style=\"text-align: center;\">In March, the <a href=\"https:\/\/kudelskisecurity.com\/\">Kudelski Security<\/a> Team conducted an audit of the wallet extension at the request of the <a href=\"https:\/\/www.xdefi.io\/\">XDEFI team<\/a>.<\/h2>\n<p data-selectable-paragraph=\"\"><img loading=\"lazy\" decoding=\"async\" class=\" wp-image-1945 aligncenter\" src=\"https:\/\/www.xdefi.io\/wp-content\/uploads\/2022\/03\/Kudelski-Security-dark-logo-768x219.png\" alt=\"\" width=\"274\" height=\"78\" srcset=\"https:\/\/www.xdefi.io\/wp-content\/uploads\/2022\/03\/Kudelski-Security-dark-logo-768x219.png 768w, https:\/\/www.xdefi.io\/wp-content\/uploads\/2022\/03\/Kudelski-Security-dark-logo-50x14.png 50w, https:\/\/www.xdefi.io\/wp-content\/uploads\/2022\/03\/Kudelski-Security-dark-logo.png 822w\" sizes=\"auto, (max-width: 274px) 100vw, 274px\" \/><\/p>\n<p id=\"cb19\" class=\"pw-post-body-paragraph hy hz hb ia b ib ic id ie if ig ih ii ij ik il im in io ip iq ir is it iu iv gu fd\" data-selectable-paragraph=\"\">The audit comprised of three key review elements covering:<\/p>\n<ul class=\"\">\n<li id=\"f57d\" class=\"iw ix hb ia b ib ic if ig ij iy in iz ir ja iv jb jc jd je fd\" data-selectable-paragraph=\"\">Architecture<\/li>\n<li id=\"942c\" class=\"iw ix hb ia b ib jf if jg ij jh in ji ir jj iv jb jc jd je fd\" data-selectable-paragraph=\"\">Code<\/li>\n<li id=\"6987\" class=\"iw ix hb ia b ib jf if jg ij jh in ji ir jj iv jb jc jd je fd\" data-selectable-paragraph=\"\">Implementation<\/li>\n<\/ul>\n<p id=\"e6e6\" class=\"pw-post-body-paragraph hy hz hb ia b ib ic id ie if ig ih ii ij ik il im in io ip iq ir is it iu iv gu fd\" data-selectable-paragraph=\"\">The auditors identified noteworthy points across a spectrum of severity amounting to\u00a0<em class=\"jk\">4 High, 3 Medium, 1 Low, and 18 Informational findings.<\/em><\/p>\n<figure class=\"jm jn jo jp ew jq ek el paragraph-image\">\n<div class=\"jr js cj jt dq ju\" tabindex=\"0\" role=\"button\">\n<div class=\"ek el jl\"><center><img loading=\"lazy\" decoding=\"async\" class=\"dq jv jw\" role=\"presentation\" src=\"https:\/\/miro.medium.com\/max\/1400\/0*3EGjjmx7iyLzZEqt\" alt=\"\" width=\"700\" height=\"406\" \/><\/center><\/div>\n<\/div>\n<\/figure>\n<p id=\"6f08\" class=\"pw-post-body-paragraph hy hz hb ia b ib ic id ie if ig ih ii ij ik il im in io ip iq ir is it iu iv gu fd\" data-selectable-paragraph=\"\">All High, Medium and Low findings were remediated at the end of March (shortly after receipt of the report), with the Kudelski Security Team reviewing and approving all fixes (as noted below).<\/p>\n<h2 id=\"5328\" class=\"jx jy hb cg jz ka kb kc kd ke kf kg kh ki kj kk kl km kn ko kp kq kr ks kt ku fd\">Architecture Review<\/h2>\n<p id=\"fce9\" class=\"pw-post-body-paragraph hy hz hb ia b ib kv id ie if kw ih ii ij kx il im in ky ip iq ir kz it iu iv gu fd\" data-selectable-paragraph=\"\">Kudelski concluded that the architecture of <a href=\"http:\/\/bit.ly\/3syw15k\">XDEFI Wallet<\/a> is well designed and well implemented, as supported by a high architecture fitness score of <strong class=\"ia hc\">8.5\/10.<\/strong><\/p>\n<figure class=\"jm jn jo jp ew jq ek el paragraph-image\">\n<div class=\"ek el la\"><center><img loading=\"lazy\" decoding=\"async\" class=\"dq jv jw aligncenter\" role=\"presentation\" src=\"https:\/\/miro.medium.com\/max\/1246\/0*J548twdytC3nQ3ta\" alt=\"\" width=\"623\" height=\"305\" \/><\/center><\/div>\n<\/figure>\n<p id=\"90ba\" class=\"pw-post-body-paragraph hy hz hb ia b ib ic id ie if ig ih ii ij ik il im in io ip iq ir is it iu iv gu fd\" data-selectable-paragraph=\"\">You can find the full audit report\u00a0<a class=\"au lb\" href=\"https:\/\/www.xdefi.io\/wp-content\/uploads\/2021\/07\/XDEFI_Audit_Report_Kudelski.pdf\" target=\"_blank\" rel=\"noopener ugc\"><strong class=\"ia hc\">here<\/strong><\/a><\/p>\n<h2 id=\"22ed\" class=\"jx jy hb cg jz ka kb kc kd ke kf kg kh ki kj kk kl km kn ko kp kq kr ks kt ku fd\">Review of June<\/h2>\n<p id=\"e585\" class=\"pw-post-body-paragraph hy hz hb ia b ib kv id ie if kw ih ii ij kx il im in ky ip iq ir kz it iu iv gu fd\" data-selectable-paragraph=\"\">Upon receipt of the advice of the auditor at the end of March, XDEFI identified 4 area\u2019s with deficiencies which if addressed would ultimately strengthen the product. These areas were in Maintainability, Testability, Reusability and Debug-ability\/Monitoring \u2014 all of which were included in the informal findings Kudelski included in March (above).<\/p>\n<p id=\"19e7\" class=\"pw-post-body-paragraph hy hz hb ia b ib ic id ie if ig ih ii ij ik il im in io ip iq ir is it iu iv gu fd\" data-selectable-paragraph=\"\">Upon receipt of these findings, our team worked on immediately addressing and rectifying ahead of the June review.<\/p>\n<p id=\"622b\" class=\"pw-post-body-paragraph hy hz hb ia b ib ic id ie if ig ih ii ij ik il im in io ip iq ir is it iu iv gu fd\" data-selectable-paragraph=\"\">The June review found that all issues and deficiencies had been addressed, and a Letter of Attestation was provided by the Kudelski Security Team to confirm these issues had been remediated<\/p>\n<p id=\"507a\" class=\"pw-post-body-paragraph hy hz hb ia b ib ic id ie if ig ih ii ij ik il im in io ip iq ir is it iu iv gu fd\" data-selectable-paragraph=\"\">The Letter of Attestation can be found\u00a0<a class=\"au lb\" href=\"https:\/\/www.xdefi.io\/wp-content\/uploads\/2021\/07\/XDEFI_Attestation-Letter-Final.pdf\" target=\"_blank\" rel=\"noopener ugc\"><strong class=\"ia hc\">here<\/strong><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In March, the Kudelski Security Team conducted an audit of the wallet extension at the request of the XDEFI team. [&hellip;]<\/p>\n","protected":false},"author":10,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1530","post","type-post","status-publish","format-standard","hentry","category-crypto"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Kudelski Security architecture 2021 audit<\/title>\n<meta name=\"description\" content=\"All the details regarding our audit by Kudelski Security Team : Review of the architecture, code, implementation...\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.xdefi.io\/kudelski-security-audit\/\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Kudelski Security architecture 2021 audit\" \/>\n<meta property=\"og:description\" content=\"All the details regarding our audit by Kudelski Security Team : Review of the architecture, code, implementation...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.xdefi.io\/kudelski-security-audit\/\" \/>\n<meta property=\"og:site_name\" content=\"XDEFI Technologies\" \/>\n<meta property=\"article:published_time\" content=\"2021-07-06T15:27:50+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-04-22T14:05:13+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.xdefi.io\/wp-content\/uploads\/2022\/03\/Kudelski-Security-dark-logo-768x219.png\" \/>\n<meta name=\"author\" content=\"Kevin Beardsley\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u00c9crit par\" \/>\n\t<meta name=\"twitter:data1\" content=\"Kevin Beardsley\" \/>\n\t<meta name=\"twitter:label2\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.xdefi.io\/kudelski-security-audit\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.xdefi.io\/kudelski-security-audit\/\"},\"author\":{\"name\":\"Kevin Beardsley\",\"@id\":\"https:\/\/www.xdefi.io\/#\/schema\/person\/d2ccdb5b62cdc2127e6a1a948ea76a0e\"},\"headline\":\"Kudelski Architecture and Code Review &#8211; 2021\",\"datePublished\":\"2021-07-06T15:27:50+00:00\",\"dateModified\":\"2022-04-22T14:05:13+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.xdefi.io\/kudelski-security-audit\/\"},\"wordCount\":232,\"image\":{\"@id\":\"https:\/\/www.xdefi.io\/kudelski-security-audit\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.xdefi.io\/wp-content\/uploads\/2022\/03\/Kudelski-Security-dark-logo-768x219.png\",\"articleSection\":[\"Crypto\"],\"inLanguage\":\"fr-FR\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.xdefi.io\/kudelski-security-audit\/\",\"url\":\"https:\/\/www.xdefi.io\/kudelski-security-audit\/\",\"name\":\"Kudelski Security architecture 2021 audit\",\"isPartOf\":{\"@id\":\"https:\/\/www.xdefi.io\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.xdefi.io\/kudelski-security-audit\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.xdefi.io\/kudelski-security-audit\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.xdefi.io\/wp-content\/uploads\/2022\/03\/Kudelski-Security-dark-logo-768x219.png\",\"datePublished\":\"2021-07-06T15:27:50+00:00\",\"dateModified\":\"2022-04-22T14:05:13+00:00\",\"author\":{\"@id\":\"https:\/\/www.xdefi.io\/#\/schema\/person\/d2ccdb5b62cdc2127e6a1a948ea76a0e\"},\"description\":\"All the details regarding our audit by Kudelski Security Team : Review of the architecture, code, implementation...\",\"breadcrumb\":{\"@id\":\"https:\/\/www.xdefi.io\/kudelski-security-audit\/#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.xdefi.io\/kudelski-security-audit\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\/\/www.xdefi.io\/kudelski-security-audit\/#primaryimage\",\"url\":\"https:\/\/www.xdefi.io\/wp-content\/uploads\/2022\/03\/Kudelski-Security-dark-logo-768x219.png\",\"contentUrl\":\"https:\/\/www.xdefi.io\/wp-content\/uploads\/2022\/03\/Kudelski-Security-dark-logo-768x219.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.xdefi.io\/kudelski-security-audit\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.xdefi.io\/fr\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Kudelski Architecture and Code Review &#8211; 2021\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.xdefi.io\/#website\",\"url\":\"https:\/\/www.xdefi.io\/\",\"name\":\"XDEFI Technologies\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.xdefi.io\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.xdefi.io\/#\/schema\/person\/d2ccdb5b62cdc2127e6a1a948ea76a0e\",\"name\":\"Kevin Beardsley\",\"url\":\"https:\/\/www.xdefi.io\/fr\/author\/kb\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Kudelski Security architecture 2021 audit","description":"All the details regarding our audit by Kudelski Security Team : Review of the architecture, code, implementation...","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.xdefi.io\/kudelski-security-audit\/","og_locale":"fr_FR","og_type":"article","og_title":"Kudelski Security architecture 2021 audit","og_description":"All the details regarding our audit by Kudelski Security Team : Review of the architecture, code, implementation...","og_url":"https:\/\/www.xdefi.io\/kudelski-security-audit\/","og_site_name":"XDEFI Technologies","article_published_time":"2021-07-06T15:27:50+00:00","article_modified_time":"2022-04-22T14:05:13+00:00","og_image":[{"url":"https:\/\/www.xdefi.io\/wp-content\/uploads\/2022\/03\/Kudelski-Security-dark-logo-768x219.png","type":"","width":"","height":""}],"author":"Kevin Beardsley","twitter_card":"summary_large_image","twitter_misc":{"\u00c9crit par":"Kevin Beardsley","Dur\u00e9e de lecture estim\u00e9e":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.xdefi.io\/kudelski-security-audit\/#article","isPartOf":{"@id":"https:\/\/www.xdefi.io\/kudelski-security-audit\/"},"author":{"name":"Kevin Beardsley","@id":"https:\/\/www.xdefi.io\/#\/schema\/person\/d2ccdb5b62cdc2127e6a1a948ea76a0e"},"headline":"Kudelski Architecture and Code Review &#8211; 2021","datePublished":"2021-07-06T15:27:50+00:00","dateModified":"2022-04-22T14:05:13+00:00","mainEntityOfPage":{"@id":"https:\/\/www.xdefi.io\/kudelski-security-audit\/"},"wordCount":232,"image":{"@id":"https:\/\/www.xdefi.io\/kudelski-security-audit\/#primaryimage"},"thumbnailUrl":"https:\/\/www.xdefi.io\/wp-content\/uploads\/2022\/03\/Kudelski-Security-dark-logo-768x219.png","articleSection":["Crypto"],"inLanguage":"fr-FR"},{"@type":"WebPage","@id":"https:\/\/www.xdefi.io\/kudelski-security-audit\/","url":"https:\/\/www.xdefi.io\/kudelski-security-audit\/","name":"Kudelski Security architecture 2021 audit","isPartOf":{"@id":"https:\/\/www.xdefi.io\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.xdefi.io\/kudelski-security-audit\/#primaryimage"},"image":{"@id":"https:\/\/www.xdefi.io\/kudelski-security-audit\/#primaryimage"},"thumbnailUrl":"https:\/\/www.xdefi.io\/wp-content\/uploads\/2022\/03\/Kudelski-Security-dark-logo-768x219.png","datePublished":"2021-07-06T15:27:50+00:00","dateModified":"2022-04-22T14:05:13+00:00","author":{"@id":"https:\/\/www.xdefi.io\/#\/schema\/person\/d2ccdb5b62cdc2127e6a1a948ea76a0e"},"description":"All the details regarding our audit by Kudelski Security Team : Review of the architecture, code, implementation...","breadcrumb":{"@id":"https:\/\/www.xdefi.io\/kudelski-security-audit\/#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.xdefi.io\/kudelski-security-audit\/"]}]},{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/www.xdefi.io\/kudelski-security-audit\/#primaryimage","url":"https:\/\/www.xdefi.io\/wp-content\/uploads\/2022\/03\/Kudelski-Security-dark-logo-768x219.png","contentUrl":"https:\/\/www.xdefi.io\/wp-content\/uploads\/2022\/03\/Kudelski-Security-dark-logo-768x219.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.xdefi.io\/kudelski-security-audit\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.xdefi.io\/fr\/"},{"@type":"ListItem","position":2,"name":"Kudelski Architecture and Code Review &#8211; 2021"}]},{"@type":"WebSite","@id":"https:\/\/www.xdefi.io\/#website","url":"https:\/\/www.xdefi.io\/","name":"XDEFI Technologies","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.xdefi.io\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"fr-FR"},{"@type":"Person","@id":"https:\/\/www.xdefi.io\/#\/schema\/person\/d2ccdb5b62cdc2127e6a1a948ea76a0e","name":"Kevin Beardsley","url":"https:\/\/www.xdefi.io\/fr\/author\/kb\/"}]}},"_links":{"self":[{"href":"https:\/\/www.xdefi.io\/fr\/wp-json\/wp\/v2\/posts\/1530","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.xdefi.io\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.xdefi.io\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.xdefi.io\/fr\/wp-json\/wp\/v2\/users\/10"}],"replies":[{"embeddable":true,"href":"https:\/\/www.xdefi.io\/fr\/wp-json\/wp\/v2\/comments?post=1530"}],"version-history":[{"count":4,"href":"https:\/\/www.xdefi.io\/fr\/wp-json\/wp\/v2\/posts\/1530\/revisions"}],"predecessor-version":[{"id":2511,"href":"https:\/\/www.xdefi.io\/fr\/wp-json\/wp\/v2\/posts\/1530\/revisions\/2511"}],"wp:attachment":[{"href":"https:\/\/www.xdefi.io\/fr\/wp-json\/wp\/v2\/media?parent=1530"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.xdefi.io\/fr\/wp-json\/wp\/v2\/categories?post=1530"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.xdefi.io\/fr\/wp-json\/wp\/v2\/tags?post=1530"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}