Introduction
OKX Wallet has undergone comprehensive security audits by leading blockchain security firms CertiK and SlowMist. This report details the audit scope, findings, and resolutions across various wallet components, demonstrating our commitment to user asset protection and platform security.
CertiK Audit Findings
Mobile & Frontend Components Audit
OKX Wallet's mobile and frontend modules successfully passed CertiK's security assessment, including:
- Mobile app source code for iOS/Android (covering wallet creation/import, password management, and cloud backup)
- ReactJS UI components for wallet functionalities
- JavaScript controls for keyring interaction
- Wallet SDK modules (Bitcoin SDK, okwallet-core, and SRC)
Key Results:
- 5 security issues identified (3 low-risk, 2 indeterminate risk)
- All vulnerabilities were resolved prior to deployment
๐ View complete CertiK mobile audit details
Threshold-lib Verification
The threshold cryptographic library powering OKX Wallet received CertiK's security approval:
- Mathematical correctness of threshold signature schemes
- Implementation security against cryptographic attacks
Smart Contract Audit
Core OKX Wallet contracts passed rigorous examination:
| Contract Component | Functionality |
|---|---|
| DexRouter | Multi-DEX trading router |
| OkxNFTMarketAggregator | Cross-market NFT trading |
| EntryPoint | Secure instruction gateway |
| UniswapV2AdapterMain | Liquidity pool staking interface |
Final Rating: Low-risk with all issues remediated
SlowMist Security Assessments
Android MPC Wallet Audit
- 9 recommendations addressed
- All identified low-risk vulnerabilities resolved
- Zero critical or high-risk findings
Account Abstraction (AA) Verification
- Secure smart contract wallet implementation
- Full remediation of audit findings
Private Key Module Validation
SlowMist confirmed critical security protocols:
- Device-exclusive storage of private keys/seed phrases
- Zero external server transmission of sensitive data
- End-to-end encryption for all cryptographic operations
Security Architecture Highlights
OKX Wallet implements enterprise-grade protections:
- Multi-party computation (MPC) for distributed key management
- Hardware-isolated execution of sensitive operations
- Continuous monitoring for anomalous activity
- Automated threat response systems
FAQ Section
Q: How often does OKX Wallet undergo security audits?
A: We conduct bi-annual comprehensive audits plus event-driven assessments after major updates.
Q: Can third parties verify the audit results?
A: All reports are publicly available through CertiK and SlowMist's verification portals.
Q: What happens when vulnerabilities are found?
A: Our security team immediately quarantines issues with average 4-hour resolution for critical findings.
Q: Does OKX store user private keys?
A: Absolutely not. All keys remain exclusively on user devices per our zero-knowledge security model.
๐ Explore OKX Wallet's security features
Conclusion
Through rigorous third-party evaluations and continuous security enhancements, OKX Wallet maintains industry-leading protection standards across all components. Our commitment to transparency and user asset safety remains unwavering as we evolve our security posture to counter emerging threats.
For the latest security updates, refer to the official audit reports from CertiK and SlowMist.