Unfortunately we have not completed a satisfactory security audit. We engaged with one company, but I don't think they were worth their salt. The problem is that the "good" companies are much more expensive, so it's a consideration of the value of the security audit. (If you know of a reputable company that would like to audit for free though...)

The code is not yet open source, but we are primarily expanding on this open-source library. https://github.com/ZenGo-X/multi-party-ecdsa We still have plans to make it open-source eventually, but we haven't seen the demand, so it has so far not made it to the top of our to-do list. The way I see it, there are tons of crypto apps and programs out there that are closed-source, or worse, "open-source". People are using those apps today, and they don't offer the same distributed security that we do. So yea, perhaps not the answer people want to hear, but it's the best we have given our limited development bandwidth.