
Gem Wallet has completed the first independent security audit conducted by CertiK - the world’s leading Web3 security firm. The final report, published April 8, 2026, confirmed 0 critical and 0 high findings across iOS and Android, establishing Gem Wallet as one of the most thoroughly audited secure mobile wallets in Web3.
What Is CertiK?
CertiK is a globally recognized company specializing in independent security audits of blockchain projects, mobile wallets, DeFi protocols, and smart contracts - combining formal verification and deep manual analysis. A market leader in Web3 with over 5,000 clients and $495B (as of April 2026) in digital assets assessed, the company has audited projects including Tether, Ethereum Foundation, Ripple, TON, Aptos and hundreds more.
Gem Wallet Audit Results
CertiK conducted an in-depth security audit of Gem Wallet on iOS and Android, assessing the application’s functionality, business logic, and security controls against the OWASP Mobile Application Security Verification Standard (MASVS) and the OWASP Mobile Application Security Testing Guide (MASTG), the industry standards for mobile application security. The audit combined manual code review, static analysis, and dynamic runtime testing across the Swift (iOS), Kotlin (Android), and Rust (shared core) codebases.
The audit covered the most critical areas of wallet security: private key generation and storage, mnemonic phrase handling, transaction signing flows, and confirmation that private keys are never exposed or leaked outside the device. The assessment identified 11 findings in total:
- Critical - 0
- High - 0
- Medium - 6 (all resolved prior to publication)
- Low - 5 (1 resolved, 4 acknowledged)
The 4 acknowledged findings are low-severity hardening recommendations that do not affect private key security or the safety of your assets.
Gem Wallet maintains a verified security profile on CertiK Skynet, where the live audit score and all findings are publicly accessible.
Why This Matters for You
Gem Wallet is a 100% open-source self-custodial mobile wallet: your private keys never leave your device and no third party, including our team, has access to your assets. Because our code is publicly available on GitHub - wallet and core - the audit findings and all fixes are publicly verifiable.
The resolved findings directly protect users from real-world threats: phishing attacks via WalletConnect, cross-chain replay attacks (blocked by strict EIP-712 Chain ID validation), and unauthorized unlimited token approvals. All medium-severity findings were fully resolved before publication.
Read the Full CertiK Report
📄 Gem Wallet CertiK Audit Report (PDF)
Security is an ongoing commitment, not a one-time checkbox. This audit is the first step - Gem Wallet plans to conduct regular independent security assessments going forward.


