Trail of Bits finds no vulnerabilities in Worldcoin’s Orb scanner
Trail of Bits has independently audited Worldcoin’s decentralized protocol for personal identification.
According to the report, on Aug. 14, 2023, the Trail of Bits team began testing the software and device Orb, designed to scan the user’s iris. Experts reportedly spent six weeks studying the code for potential vulnerabilities.
In particular, they simulated several attacks where hackers could access users’ data. The auditors concluded that the device code does not contain vulnerabilities.
Auditors also noted that potential attackers cannot extract iris data from Orb’s network traffic. To do this, the hacker must control one of the trusted certificates.
“Our analysis did not uncover vulnerabilities in the Orb’s code that can be directly exploited in relation to the Project Goals as described.”
Trail of Bits experts
Against the background of the report’s publication, WLD, the native token of the project, reacted with a 4% increase, from $9.50 to $9.90. However, the token’s growth was short-lived, as its price soon rolled back to $9.60 at the time of writing, according to CoinMarketCap data. The asset is trading 20% below its historical high of $11.82 on March 10.
Questions about possible security problems with Worldcoin have been popping up for months. In March, Spain’s data protection agency (AEPD) demanded that Worldcoin stop collecting personal information and use already collected data. In addition, since its launch in July 2023, the project has been investigated in countries such as Germany, France, the U.K., and Kenya.
Additionally, in January, the Hong Kong regulator searched the company’s offices. In early March, South Korea began investigating a startup that collects biometric data.