Blog post

Security assessments: NU3 specifications, Blossom implementation and Sapling documentation

Benjamin Winston
January 27, 2020

Two separate security assessments have been completed on ZIPs that specify changes in the upcoming Zcash network upgrade (now named “Heartwood”).

ZIP 213: “Shielded Coinbase” and ZIP 221: “FlyClient Zcash SPV” were assessed for security by firms NCC Group and Trail of Bits.

Additionally, Trail of Bits produced some documentation helping to explain Sapling to newcomers, and NCC Group assessed the code implementation of the Blossom changes as part of their respective engagements.

Each team worked closely with the Electric Coin Co. engineering team, and both produced high-quality outputs that help provide vital security assurance on the Zcash network.

The following are now available:
NCC Group security assessment report
Trail of Bits security assessment report
Trail of Bits Sapling documentation

Recent blog posts:

Our Features

We sometimes use cookies to improve the performance of our website. Choose what you allow.

Essential

Essential

Always Enabled

This includes key features like page navigation and logging you in. The website cannot function without this. Who do we share data with?

Description
Google Analytics
Google Optimize
Google Tag Manager
New Relic
Sendgrid

Does this policy need cookies to work? Yes.

Marketing