2023-10-19 14:47:44 +02:00
|
|
|
<pre>
|
|
|
|
W3P: 3
|
|
|
|
Title: Privacy features audit concept for security audit organizations & whitehackers (research)
|
|
|
|
Status: preparation
|
|
|
|
Type: Research
|
|
|
|
Created: 2023-10-01
|
|
|
|
</pre>
|
|
|
|
## Contents
|
|
|
|
- [Context](#Context)
|
|
|
|
- [Privacy features to audit](#Privacy-features)
|
|
|
|
- [Additional](#Additional)
|
|
|
|
|
|
|
|
# Context
|
|
|
|
|
|
|
|
# Privacy features
|
|
|
|
|
|
|
|
| Feature | Observation |
|
2023-10-19 14:48:14 +02:00
|
|
|
| ------------- | -------------
|
2023-10-19 14:47:44 +02:00
|
|
|
| Selected privacy technology maturity | latest, old etc |
|
|
|
|
| Selected privacy technology delivery | state of the privacy tech: test-net, poor code execution etc |
|
|
|
|
| Default privacy | enabled, not |
|
|
|
|
| Privacy policies (data collection policies) | what data is collected & why; marking non-essential data collection practices |
|
|
|
|
| Non-consent data collection practices | IP, wallet, balance etc |
|
|
|
|
| Anonymous set | data "profile" service reveal about you |
|
|
|
|
| Third-party privacy tech maturity | If service is a part of ecosystem - security audit company comments on core tech privacy (Ethereum, Waku) |
|
|
|
|
| Traceability | How traceable are transactions |
|
|
|
|
|
|
|
|
# Additional
|
|
|
|
|
|
|
|
| Feature | Observation |
|
2023-10-19 14:48:14 +02:00
|
|
|
| ------------- | -------------
|
2023-10-19 14:47:44 +02:00
|
|
|
| Privacy risk | low, medium, high |
|