Post
Topic
Board Announcements (Altcoins)
Re: [ANN][CLOAK] Private, Secure, Untraceable & Decentralized Digital Currency
by R0mi on 24/01/2018, 07:44:26 UTC
Awesome stuff is going on here, awesome audit report!

I applaud the audit, but how many people actually read it? Stand out items: no mathematical analysis performed on involved cryptographic algorithms and methods (outside the scope of the audit); Cloaking transactions with few cloakers can be traced, both sender and receiver; reliance on out-of-date bitcoin and Tor code; random number generator doesn't really work for enigma transactions; source code analysis found multiple instances of reliance on out-of-date and unsafe methods, transaction history stored in an unencrypted format. Compromise of Anonymity is flagged as a current "high" severity risk factor on cloak transactions with, say, three cloakers. It is susceptible to a DLL preload attack; page 17 describes the issues resulting from using old and out-of-date Bitcoin code base; page 20 addresses how the Tor code is out of date and vulnerable to a list of exploits; page 21 several functions found in the source code which leave Cloak vulnerable to buffer overflow attacks. You can't back up the wallet using the currently accepted best practice of using a seed phrase. I'll stop there. To the people that are saying "wow!" I ask again: did you read the audit report?

The Cloak team replies to a number of these identified shortcomings by simply stating that in the future an upgrade of the wallet software will address these issues. I hope so.

+1 for the audit, but it seems there is still quite a bit of work to be done to make this world class.