Authentication and Pub/Sub scoping. Since Dapr is available as open source software, the adopted methodology was clearly a white-box approach. Cure53 had access to sources, as well as received various test- assisting the test and audit in moving forward swiftly. Given good choices and practices regarding methodology, setup and communications, Cure53 managed to carry out substantial research and acquired a very

dedicated environment created by the Dapr team for the testing purposes was provided. White-box methodology, just as last time, has guided the work of Cure53. All preparations were done in January 2021