July 16, 2018
As a universal cryptocurrency wallet application, the security of Infinito Wallet is of utmost importance to us. To ensure the highest possible standards, we have embraced a peer review approach for Infinito Wallet’s development – in addition to regular internal audits, we invited a professional third-party security auditor to carry out an independent audit for our universal wallet application.
The external audit, conducted by SmartDec, commenced earlier this year and was completed by the first quarter of 2018. SmartDec is an esteemed security auditor who analyzes the source and executable codes of software application. Read the full Infinito Wallet security audit by SmartDec here.
All notable issues found were promptly resolved by our diligent technical team who is working on the remaining minor issues. Please rest assured, regardless, that hackers can exploit these vulnerabilities ONLY by having physical access to your device, being able to bypass your phone’s own password protection, AND somehow obtaining your wallet’s password, all at the same time, which is no feasible task per se!
To ensure transparency, we have listed the remaining minor issues below. Our technical team is working days and nights on this and we will update the community about these fixes soon.
Unencrypted Storage for Non-Sensitive Information (public address, contact book)
Unlimited Password Entry Attempts
Lack of Protection against Unauthorized Access to The Mobile Device
iOS Background Mode Screen Caching
Lack of Authentication After Background Mode on iOS
Please refer to SmartDec’s blog post to read about our collaboration.
The approach we have taken here is uncommon, if not unique, compared to our competitors. Infinito Wallet’s extensive security audit with SmartDec exemplifies its commitment to deliver the best-in-class mobile cryptocurrency universal wallet to end-users. But it does not stop here. We aim to be as consistent and transparent with our development progress as possible by becoming 100% open-source by the end of this year while reserving a significant amount of our development budget for community bounty programs and frequent third-party external audits. We thank you for your continued support and hope you enjoy using Infinito Wallet!
Positioning as a leading universal wallet for crypto users, Infinito Wallet serves as a gateway for users to maximize usage and potentials of their cryptocurrencies. By selectively expanding our partner network, Infinito Wallet aims to build an ecosystem of practical blockchain services including exchanges, ID/KYC solutions, and other blockchain-related business services. At the same time, we help support communities of developers and businesses with an open blockchain infrastructure of technologies and compliant-ready services, so that they can seamlessly build, launch, and operate innovative products and services efficiently.
Infinito Wallet’s core development team of blockchain R&D experts has intensive professional experience. Currently, our organization consists of more than 300 members including developers, designers, business and marketing specialists. We are promoting research on infrastructure for cryptocurrencies and developers utilizing blockchain.
Follow us on
– Telegram: https://t.me/infinitowallet
– Facebook: https://www.facebook.com/InfinitoWallet/
– Twitter: https://twitter.com/InfinitoWallet
– Youtube: https://www.youtube.com/channel/UCc8s67KYZ1AHZRUqJLLFc0g
– Google+: https://plus.google.com/u/3/109607724919921670535
– Medium: https://medium.com/infinito-wallet
– Reddit: https://www.reddit.com/user/infinitowallet/
– Linkedin: https://www.linkedin.com/company/infinity-blockchain-labs-europe/