TL;DR: report download.
IOHK is an engineering company that builds cryptocurrencies and blockchains for academic institutions, government entities, and corporations. Major projects of IOHK are Ethereum Classic, the Daedalus wallet, and the Cardano platform.
IOHK solicited Kudelski Security to perform a security audit of Mantis, an Ethereum Classic wallet integrated in Daedalus. Mantis is written in Scala, and includes approximately 12,000 lines of code (our audit covered the code in the phase/daedalus branch).
We did not find any critical security issue, but report 3 medium-severity issues and 4 low-severity issues. Mantis otherwise shows good security engineering, with secure defaults, defensive coding, and a clear code base that facilitates auditing. Our audit report is available here.
We’re happy to work with one of the most respected organizations in the blockchain world, and thank IOHK for trusting us. We also thank the Mantis developers, who promptly respond to our requests and thoroughly investigated possible mitigations.