Infinito Wallet mobile application security analysis

Infinity Blockchain Labs asked SmartDec team to review and audit Infinito Wallet application. Infinity Blockchain Labs is one of the biggest blockchain development companies in Vietnam which provides various solutions and products.
Infinito Wallet is a multi-coin cryptocurrency wallet for iOS and Android mobile platforms. This product is one of the most important products for IBL company, so we were happy to take up this work.

The product consists of :

• mobile application written in JavaScript
• API backend

The initial audit has shown two critical vulnerabilities which have been successfully fixed by the developers. Our check of the fixed issues has shown the correctness of fixing in the latest version of the code.
We reported 6 medium-severity issues and two recommendations. The concentration of the issues is low for the industry. SmartDec has given recommendations of how to fix the remaining issues. The developers team is currently working on fixing them. The full audit is presented here.

We will be more than happy to work with Infinity Blockchain Labs again. We also thank Infinito Wallet developers team, who stayed in contact with us during the audit and promptly eliminated investigated issues.

This review was performed by SmartDec, a security team specialized in static code analysis, decompilation and secure development.

Feel free to use SmartCheck, our smart contract security tool for Solidity language, and follow us on Medium. We are also available for smart contract development and auditing work.