The Tally Ho team is proud to share the results of a security audit performed by Least Authority. The audit was a limited scope review of Tally’s hd-keyring repository, which contains the code responsible for generating and managing users’ private keys. Founded by Zcash founder Zooko Wilcox, Least Authority was our top choice to audit the keyring because of their reputation for stringency and rigor.
Below is a summary of the results. You can check out the full report here. We plan on delivering a full audit of the extension later in 2022.
We're happy to report that Least Authority found that “security has been considered in the system design and implementation of the Tally Ho browser extension wallet’s key handling code and did not identify critical security vulnerabilities.” Additionally, “the design of the key handling components of the Tally browser extension wallet demonstrate security considerations for the way in which access to secrets is managed.”
Least Authority identified a few areas in which Tally Ho can continue to improve. The audit team suggested ways Tally Ho can beef up its key generation function, and suggested offering users the option to delete or update archived versions of their vaults. Details on these suggested improvements can be found on pages 5 to 12 of the report. The growth areas that Least Authority identified during this audit are among the areas we have identified for further improvement.
What Was Tested?
Least Authority’s audit focused on investigating how correctly Tally Ho’s code was implemented as well as how the protocol manages private keys. It also tested various other components of Tally Ho linked to these criteria. The specific parts of the code that Least Authority tested can be found on Tally’s GitHub in the hd-keyring repository and the services/keyring component of the tally-extension repository.
The audit results are divided into several categories:
• System Design – Least Authority tested the security of Tally’s private key management protocol by “attempting to extract keys and insert wrong keyring data into the system.” In other words, the audit team tried to find ways to glean information about users’ private keys and tried to break into the system by entering bits of randomly-generated information.
The team “did not identify any issues with the implementation” during this process. Furthermore, Least Authority was not able to break through the security measures built into Tally's keyring service. Nor could it successfully exploit minor data inconsistencies to create undesirable results.
• Code Quality – Least Authority reviewed the organization of Tally’s key handling code and found it to be “well written and organized,” adding that “repositories adhere to best practice and classes have clear responsibilities and are loosely coupled.” The team recommended that Tally implement a robust test suite covering all classes of success and failure cases.
• Documentation – The audit team found the documentation that describes the general architecture of Tally’s system and intended functionality to be “accurate and helpful.” The documentation, it said, “aids security researchers and maintainers of the code to better understand the intended functionality, and identify potential errors or vulnerabilities in the implementation.”
A Decentralized Wallet for Decentralized Finance
The success of the audit provides important validation for the strength of Tally Ho’s design as we continue to work to make the project the go-to wallet for web3 users.
It’s important to acknowledge that nothing proves security better than time. Regardless, because we built the entire wallet from scratch, we can say for certain that Tally Ho uses a more hardened key derivation function with a tighter dependency tree than other wallets. Both of these are significant security improvements over the status quo. Nor will we stop there – security is and will always be Tally Ho’s first priority.
Tally Ho’s most important asset is our community of users and developers. If you’re a developer who’s interested in contributing to the future of Tally Ho, we’d love to hear from you. Check out our GitHub or hop in our shadowy-super-doggos room in the Tally Ho Discord.
We’d also love to hear from you if you’re not a developer: shape the conversation with us on Discord, and help us plan Tally’s future by joining our governance forum.
We become stronger when we work together. The Tally community has the power to build a freer and more transparent financial world. So let’s do it.