Security Audit Reports for OKX Wallet: CertiK & SlowMist Findings

Overview of Security Audits

OKX Wallet has undergone comprehensive security audits by CertiK and SlowMist, two leading blockchain security firms. These audits ensure the highest standards of safety for users' assets and data across mobile, Web3, and decentralized applications (DApps). Below, we detail the scope, findings, and resolutions from each audit.

CertiK Audit Highlights

Scope of CertiK Audits

CertiK evaluated multiple components of OKX Wallet, including:

• Mobile App (iOS/Android): Wallet creation/import, password management, and cloud backups.
• Front-End: ReactJS UI components and JS controllers for keyring interactions.
• Wallet SDK Modules: Bitcoin SDK, okwallet-core, and SRC.

Key Findings

• 5 security issues identified:

  • 3 low-risk/informational findings.
  • 2 findings with undetermined risk levels.
  • All issues were resolved prior to publication.

👉 View CertiK's full audit report

Additional CertiK-Verified Components

1. Threshold-lib: Passed security audit.

2. Core Smart Contracts:

   • DexRouter: Facilitates trading across DEXs.
   • OkxNFTMarketAggregator: NFT marketplace aggregator.
   • Entrance: Executes instructions via registered adapters.
   • UniswapV2AdapterMain: Adapter for UniswapV2 LP staking.
   • Results indicated low overall risk.
3. Solana Marketplace: Also certified by CertiK.

SlowMist Audit Highlights

Scope of SlowMist Audits

SlowMist assessed:

• OKX MPC Wallet (Android): 9 suggestions and 1 low-risk issue addressed.
• Ord Module: 7 low-risk vulnerabilities + 3 suggestions resolved.
• Account Abstraction: Low-risk results with all fixes implemented.

👉 Access SlowMist's detailed reports

Private Key Module Security

• Key Safeguards:

  • Private keys/seed phrases never leave user devices.
  • Zero uploads to external servers.
• SlowMist Verification: Confirmed adherence to strict encryption protocols.

Why These Audits Matter

Security audits are critical for:

• Trust: Independent validation of wallet integrity.
• Transparency: Publicly available reports for user review.
• Proactive Safety: Identification and resolution of potential threats.

OKX Wallet remains committed to continuous improvement, ensuring users benefit from secure, multi-chain Web3 services.

FAQs

1. How often does OKX Wallet undergo security audits?

Audits are conducted biannually or before major updates to preempt risks.

2. Can audit reports be verified?

Yes. Links to CertiK/SlowMist reports are provided above.

3. What happens if a critical issue is found post-audit?

OKX deplixes immediate patches and notifies users via official channels.

4. Does OKX Wallet support hardware wallets?

Yes, integrating Ledger and Trezor for enhanced security.

5. How are private keys protected in the OKX MPC Wallet?

Keys are distributed via Multi-Party Computation (MPC), eliminating single-point failures.

Conclusion

OKX Wallet’s low-risk audit results and swift problem resolution reflect its dedication to user safety. For further details, explore the linked reports or visit OKX’s official security portal.

👉 Learn more about OKX Wallet’s security measures