Crypto Flexs
  • DIRECTORY
  • CRYPTO
    • ETHEREUM
    • BITCOIN
    • ALTCOIN
  • BLOCKCHAIN
  • EXCHANGE
  • TRADING
  • SLOT
  • CASINO
  • SPORTSBET
  • SUBMIT
Crypto Flexs
  • DIRECTORY
  • CRYPTO
    • ETHEREUM
    • BITCOIN
    • ALTCOIN
  • BLOCKCHAIN
  • EXCHANGE
  • TRADING
  • SLOT
  • CASINO
  • SPORTSBET
  • SUBMIT
Crypto Flexs
Home»HACKING NEWS»HyperLend Protocol Thanksgiving Summary -Ackee Blockchain
HACKING NEWS

HyperLend Protocol Thanksgiving Summary -Ackee Blockchain

By Crypto FlexsJune 21, 20255 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
HyperLend Protocol Thanksgiving Summary -Ackee Blockchain
Share
Facebook Twitter LinkedIn Pinterest Email

Hyperlend is a loan protocol placed on the hyper liquid chain. This protocol implements a risk classification loan pool designed for various use cases. The protocol infrastructure includes a crosschain deposit termination point for the protocol pool, a roofing contract that enables location management through flash clones, and a helper contract for asset listing.

Hyperlend worked with Ackee Blockchain Security to review the HyperLend protocol as a total time donation of the 46th engineering day between January 10 and February 725.

Second, FIX Review was carried out between February 17 and February 24, 2025.

Then the third review was conducted between March 12 and March 18.

methodology

We started reviewing with a deep diving of the logic of the contract. We used static analysis tools including Wake to support review and manually induced the basic functions of the code in the code.

During the review, we paid special attention later.

  • The contract cannot be stolen or not intended.
  • Reinvision detection possible in the code;
  • Integrated confirmation with other companies is accurate and safe.
  • Common problems such as data verification.

range

The audit was performed in the next repository and is as follows.

  • Hyper Lens Core Commit 425624;
  • Hyper Rent-Separation Commit 37c678;
  • Rooping contract (personal repository) commit 0fdde7;
  • Core-Corn Pig Engine Commit 0339f1;
  • Cross chain loan difficulty (personal repository) commit 43b101.

The modification review is performed in the following repository and is as follows.

  • Hyper Lens Core Commit 625161;
  • Hyper Rent-Separation Commit 0b90ce;
  • Rooping contract (personal repository) commit cb6fac;
  • Core-Corn Pig Engine Commit 4ff785;
  • Cross chain loan difficulty (personal repository) commit 38dc8a.

The third audit was performed in HyperLend-Core New Repository. 0c2b14. The range included all changes. src The directory compared to the original AAVE V3.2 codebase.

Security discovery classification is determined by two grades. influence and What can be. This two -dimensional classification helps to clarify the seriousness of individual problems. The problem to be evaluated middle It is severe, but the possibility of being found only by the team is generally reduced according to the possibility. wAnnings or menFormational Severe rating.

Our review has resulted in 44 results, from information to critical seriousness. The most serious discovery C1 had an important danger when all the mortgage tokens were stolen from the separate pool of the protocol. The core problem was originally reported in the context of the FRAXLEND V3 Codebase, so we used the incorrectly used price providers such as the new chain link. The problem could not be detected by performing derivative reviews without the context of the original codebase.

The result of C1, M1, M2, M7, M10, and L2 was discovered through a manual fujing using Wake Testing Framework. The results were found through Wake static analysis.

Threshold

C1: It does not go back to the price of an old chain link

The severity is high

H1: Possibility of locked tokens

Intermediate

M1: The wrong suggestion ID has been discharged

M2: Support for primitive tokens bridging has been missing

M3: Sending any token through unlimited refund function

M4: The wrong token balance check leads to the failure of the failure to be located.

M5: Divide before multiplication openPosition function

M6: missing payable Crystal

M7: minAmountOut The calculation is too limited

M8: Insectable token symbol form

M9: missing token verification for bridge start

M10: SafeERC20 Not used

M11: native transfer Returns to the outside of gas

M12: WalletBalanceProvider Basic token lock

M13: Chain Link Price Feed Verification has been missing

Low severity

L1: missing swap deadline protection

L2: Attempt/Catch can still be reversed

L3: A condition that is not satisfactory in the closing position with Flashloans

L4: The wrong error message

L5: missing the reception function for basic token processing

L6: missing queue transaction verification cancelTransaction

L7: You can wait several times the same deal

L8: You can bypass the default token recovery

Significance of warning

W1: The inspection has been missing to capture the underflow error

W2: Double List Suggested ID

W3: Case insensitive income

W4: Hardhat console revenue

W5: Unused state variables StrategyManager

W6: The zero address verification has been missing

W7: Lack of events

W8: missing proposal presence and missing validation

W9: Potential sound index CHAINLINK_NORMALIZATION calculate

W10: Balance token balance used to calculate debt value

Information seriousness

I1: Mistake of underlined under the internal function name

I2: Nominated for wrong variable due to typos

i3: Not used Ownable succession

I4: Insonquid visibility _reversePath function

i5: getUserAccountData When the token price is 0, the function is reversed

i6: getUserPairs Returns an array with an empty position

i7: Not used swapPath Parameters SwapParams structure

I8: Unused functions that are risk of potential data cutting

i9: Incorrect documentation

i10: The variable can be immutable

Trust model

The user must trust the hyper rend to keep the protocols or to operate the token price. Stargate GateWays must be trusted to communicate the message between the chain during the cross chain sediment.

conclusion

AcKee Blockchain Security

  • Continue to tell you about the latest modifications for AAVE and FraxLend codebase. and
  • List new tokens, guarantee the quality of price Oracle, and maintain the best security practices when monitoring the health of the protocol pool.

ACKEE BLOCKCHAIN ​​Security’s entire hyper -repord audit report can be found here..

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Lombard Liquid Bitcoin Summary Summary

October 3, 2025

UXLINK attackers mix stolen assets and have drained $ 43 million by phishing

September 29, 2025

YouTube Star MR BEAST Scoops 3 Days Purchase SPREE ASTER in SPREE

September 27, 2025
Add A Comment

Comments are closed.

Recent Posts

Solana Future Surge as the institution induces the open interest for the best record.

October 4, 2025

Free bitcoin.in app withdrawal request My satoshi

October 3, 2025

If this happens, you can see a huge price of $ 1.9.

October 3, 2025

Lombard Liquid Bitcoin Summary Summary

October 3, 2025

Easily Earn $5588+ In Passive Income Every Day With PlanMining Cloud Mining

October 3, 2025

The reason why hyper clicade wins aster with Perp DEX, which can be most invested.

October 3, 2025

Psy Protocol Testnet Combines Internet Scale And Speed With Bitcoin-Level Security

October 2, 2025

Eightco Holdings Inc. ($ORBS) Expands Investor Access With Options Trading

October 2, 2025

How To Use A Bitcoin Heatmap For Smarter Trading Decisions

October 2, 2025

Pioneer the future of digital innovation throughout Web2 and Web3

October 2, 2025

Codego Launches Whitelabel Devices Bringing Tokens Into Daily Life

October 2, 2025

Crypto Flexs is a Professional Cryptocurrency News Platform. Here we will provide you only interesting content, which you will like very much. We’re dedicated to providing you the best of Cryptocurrency. We hope you enjoy our Cryptocurrency News as much as we enjoy offering them to you.

Contact Us : Partner(@)Cryptoflexs.com

Top Insights

Solana Future Surge as the institution induces the open interest for the best record.

October 4, 2025

Free bitcoin.in app withdrawal request My satoshi

October 3, 2025

If this happens, you can see a huge price of $ 1.9.

October 3, 2025
Most Popular

Ethereum Gaming Altcoin Rally As Large Whales Withdraw from Binance: On-Chain Data

December 14, 2023

Merchants with ETH/BTC plummeted to the lowest level of five years had to consider switching to promising alternatives.

March 13, 2025

GMX’s active user base is booming, but there’s a problem.

December 2, 2023
  • Home
  • About Us
  • Contact Us
  • Disclaimer
  • Privacy Policy
  • Terms and Conditions
© 2025 Crypto Flexs

Type above and press Enter to search. Press Esc to cancel.