33 lines
1.4 KiB
Markdown
33 lines
1.4 KiB
Markdown
|
<pre>
|
||
|
|
W3P: 3
|
||
|
|
Title: Privacy features audit concept for security audit organizations & whitehackers (research)
|
||
|
|
Status: preparation
|
||
|
|
Type: Research
|
||
|
|
Created: 2023-10-01
|
||
|
|
</pre>
|
||
|
|
## Contents
|
||
|
|
- [Context](#Context)
|
||
|
|
- [Privacy features to audit](#Privacy-features)
|
||
|
|
- [Additional](#Additional)
|
||
|
|
|
||
|
|
# Context
|
||
|
|
|
||
|
|
Research on how private web3-solutions are used within the Ukrainian-Russian war (with a focus on privacy-protecting currencies like Zcash). It covers both free & occupied Ukrainian territory & Russia. Where even a "like, share or tweet" is enough for prosecution. Meaning that privacy is the way for freedom of speech protection.
|
||
|
|
|
||
|
|
# Privacy features
|
||
|
|
|
||
|
|
| Feature | Observation |
|
||
|
|
| Selected privacy technology maturity | latest, old etc |
|
||
|
|
| Selected privacy technology delivery | state of the privacy tech: test-net, poor code execution etc |
|
||
|
|
| Default privacy | enabled, not |
|
||
|
|
| Privacy policies (data collection policies) | what data is collected & why; marking non-essential data collection practices |
|
||
|
|
| Non-consent data collection practices | IP, wallet, balance etc |
|
||
|
|
| Anonymous set | data "profile" service reveal about you |
|
||
|
|
| Third-party privacy tech maturity | If service is a part of ecosystem - security audit company comments on core tech privacy (Ethereum, Waku) |
|
||
|
|
| Traceability | How traceable are transactions |
|
||
|
|
|
||
|
|
# Additional
|
||
|
|
|
||
|
|
| Feature | Observation |
|
||
|
|
| Privacy risk | low, medium, high |
|