Audit report of IOHK’s Icarus wallet

IOHK is an engineering company that builds cryptocurrencies and blockchains for academic institutions, government entities, and corporations. Major projects of IOHK are Ethereum Classic, the Daedalus wallet, and the Cardano platform.

IOHK hired Kudelski Security to perform a security assessment of the Icarus Cardano wallet, providing access to source code, documentation, and review guidelines including references to the most critical components. The repositories concerned are and as well as private git repositories including the front-end and backend-end code.

Today we publish our audit report, which includes 3 low-severity issues and 11 observations related to general code safety. Furthermore, other issues discovered during the engagement are omitted from this report, because we found out that they affect other applications than IOHK’s Icarus wallet. These issues will be described in a future version of the report.

We thank IOHK for trusting us again, and for making our work easier by preparing architecture and scope description documents for this audit.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s