In Spring 2023, the Zcash Foundation engaged NCC Group to conduct a security assessment of the Zebrad application. Zebrad is a network client that participates in the Zcash consensus mechanism by validating blocks, maintaining the blockchain state (best chain and viable non-finalized chains), and gossiping blocks, transactions, and peer addresses. Five consultants performed the review, in a total of 60 person-days. The Zebra repository on branch audit-v1.0.0-rc.0 was in scope, with the following modules highlighted as the main areas of focus: zebra-chain, zebra-client, zebra-consensus, zebra-network, zebra-node-services, zebra-rpc, zebra-script, zebra-state, zebra-utils.
I am a Security Consultant with the Cryptography Services team at NCC Group. I have the same handle on Twitter: https://twitter.com/ParnianAlimi.