Crypto Flexs
  • DIRECTORY
  • CRYPTO
    • ETHEREUM
    • BITCOIN
    • ALTCOIN
  • BLOCKCHAIN
  • EXCHANGE
  • TRADING
  • SUBMIT
Crypto Flexs
  • DIRECTORY
  • CRYPTO
    • ETHEREUM
    • BITCOIN
    • ALTCOIN
  • BLOCKCHAIN
  • EXCHANGE
  • TRADING
  • SUBMIT
Crypto Flexs
Home»HACKING NEWS»HyperLend Protocol Thanksgiving Summary -Ackee Blockchain
HACKING NEWS

HyperLend Protocol Thanksgiving Summary -Ackee Blockchain

By Crypto FlexsJune 21, 20255 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
HyperLend Protocol Thanksgiving Summary -Ackee Blockchain
Share
Facebook Twitter LinkedIn Pinterest Email

Hyperlend is a loan protocol placed on the hyper liquid chain. This protocol implements a risk classification loan pool designed for various use cases. The protocol infrastructure includes a crosschain deposit termination point for the protocol pool, a roofing contract that enables location management through flash clones, and a helper contract for asset listing.

Hyperlend worked with Ackee Blockchain Security to review the HyperLend protocol as a total time donation of the 46th engineering day between January 10 and February 725.

Second, FIX Review was carried out between February 17 and February 24, 2025.

Then the third review was conducted between March 12 and March 18.

methodology

We started reviewing with a deep diving of the logic of the contract. We used static analysis tools including Wake to support review and manually induced the basic functions of the code in the code.

During the review, we paid special attention later.

  • The contract cannot be stolen or not intended.
  • Reinvision detection possible in the code;
  • Integrated confirmation with other companies is accurate and safe.
  • Common problems such as data verification.

range

The audit was performed in the next repository and is as follows.

  • Hyper Lens Core Commit 425624;
  • Hyper Rent-Separation Commit 37c678;
  • Rooping contract (personal repository) commit 0fdde7;
  • Core-Corn Pig Engine Commit 0339f1;
  • Cross chain loan difficulty (personal repository) commit 43b101.

The modification review is performed in the following repository and is as follows.

  • Hyper Lens Core Commit 625161;
  • Hyper Rent-Separation Commit 0b90ce;
  • Rooping contract (personal repository) commit cb6fac;
  • Core-Corn Pig Engine Commit 4ff785;
  • Cross chain loan difficulty (personal repository) commit 38dc8a.

The third audit was performed in HyperLend-Core New Repository. 0c2b14. The range included all changes. src The directory compared to the original AAVE V3.2 codebase.

Security discovery classification is determined by two grades. influence and What can be. This two -dimensional classification helps to clarify the seriousness of individual problems. The problem to be evaluated middle It is severe, but the possibility of being found only by the team is generally reduced according to the possibility. wAnnings or menFormational Severe rating.

Our review has resulted in 44 results, from information to critical seriousness. The most serious discovery C1 had an important danger when all the mortgage tokens were stolen from the separate pool of the protocol. The core problem was originally reported in the context of the FRAXLEND V3 Codebase, so we used the incorrectly used price providers such as the new chain link. The problem could not be detected by performing derivative reviews without the context of the original codebase.

The result of C1, M1, M2, M7, M10, and L2 was discovered through a manual fujing using Wake Testing Framework. The results were found through Wake static analysis.

Threshold

C1: It does not go back to the price of an old chain link

The severity is high

H1: Possibility of locked tokens

Intermediate

M1: The wrong suggestion ID has been discharged

M2: Support for primitive tokens bridging has been missing

M3: Sending any token through unlimited refund function

M4: The wrong token balance check leads to the failure of the failure to be located.

M5: Divide before multiplication openPosition function

M6: missing payable Crystal

M7: minAmountOut The calculation is too limited

M8: Insectable token symbol form

M9: missing token verification for bridge start

M10: SafeERC20 Not used

M11: native transfer Returns to the outside of gas

M12: WalletBalanceProvider Basic token lock

M13: Chain Link Price Feed Verification has been missing

Low severity

L1: missing swap deadline protection

L2: Attempt/Catch can still be reversed

L3: A condition that is not satisfactory in the closing position with Flashloans

L4: The wrong error message

L5: missing the reception function for basic token processing

L6: missing queue transaction verification cancelTransaction

L7: You can wait several times the same deal

L8: You can bypass the default token recovery

Significance of warning

W1: The inspection has been missing to capture the underflow error

W2: Double List Suggested ID

W3: Case insensitive income

W4: Hardhat console revenue

W5: Unused state variables StrategyManager

W6: The zero address verification has been missing

W7: Lack of events

W8: missing proposal presence and missing validation

W9: Potential sound index CHAINLINK_NORMALIZATION calculate

W10: Balance token balance used to calculate debt value

Information seriousness

I1: Mistake of underlined under the internal function name

I2: Nominated for wrong variable due to typos

i3: Not used Ownable succession

I4: Insonquid visibility _reversePath function

i5: getUserAccountData When the token price is 0, the function is reversed

i6: getUserPairs Returns an array with an empty position

i7: Not used swapPath Parameters SwapParams structure

I8: Unused functions that are risk of potential data cutting

i9: Incorrect documentation

i10: The variable can be immutable

Trust model

The user must trust the hyper rend to keep the protocols or to operate the token price. Stargate GateWays must be trusted to communicate the message between the chain during the cross chain sediment.

conclusion

AcKee Blockchain Security

  • Continue to tell you about the latest modifications for AAVE and FraxLend codebase. and
  • List new tokens, guarantee the quality of price Oracle, and maintain the best security practices when monitoring the health of the protocol pool.

ACKEE BLOCKCHAIN ​​Security’s entire hyper -repord audit report can be found here..

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Injective (INJ) Completes First Community Buyback Worth $32 Million

October 29, 2025

The first extension for Solana developers

October 27, 2025

Shamir’s Secret Sharing (SSS) for secure quantum data storage

October 25, 2025
Add A Comment

Comments are closed.

Recent Posts

Injective (INJ) Completes First Community Buyback Worth $32 Million

October 29, 2025

Whale.io Confirms First Airdrop For Crock Dentist NFT Holders

October 29, 2025

BTC And XRP Prices Fluctuate Dramatically. WOAHash Helps Holders Earn $9,900 In Daily Returns.

October 29, 2025

Acre Launches V2 Platform, Enabling Bitcoin Holders To Earn 14% APY (est.) From Self-Custody

October 29, 2025

BitcoinOS $BOS Token Is Live On Binance Alpha And Top Tier CEX Listings, Advancing Institutional BTCFi

October 29, 2025

MEXC Maintains Strong Financial Stability With Over 100% Proof Of Reserve Across Major Assets

October 29, 2025

Australia provides clarity on cryptocurrency regulation with new guidelines

October 29, 2025

Stake USDT To Earn BTC With Up To 600% APR

October 28, 2025

Coinbase Acquires Echo, Leading On-Chain Capital Raising Platform in $375 Million Deal

October 28, 2025

US Bitcoin reports holdings of 3,865 BTC after recent acquisition

October 27, 2025

Swiss Bitcoin App Relai Acquires MiCA License In France

October 27, 2025

Crypto Flexs is a Professional Cryptocurrency News Platform. Here we will provide you only interesting content, which you will like very much. We’re dedicated to providing you the best of Cryptocurrency. We hope you enjoy our Cryptocurrency News as much as we enjoy offering them to you.

Contact Us : Partner(@)Cryptoflexs.com

Top Insights

Injective (INJ) Completes First Community Buyback Worth $32 Million

October 29, 2025

Whale.io Confirms First Airdrop For Crock Dentist NFT Holders

October 29, 2025

BTC And XRP Prices Fluctuate Dramatically. WOAHash Helps Holders Earn $9,900 In Daily Returns.

October 29, 2025
Most Popular

How to discover quality in floods in the Internet capital market tokens

May 15, 2025

Ripple CEO says SEC Chairman Gary Gensler ‘will cause Biden to lose the election’

June 26, 2024

Crypto Holidays 2024: Blofin’s Expert Insights and Predictions for Crypto and DeFi Investors – The Defi Info

January 1, 2024
  • Home
  • About Us
  • Contact Us
  • Disclaimer
  • Privacy Policy
  • Terms and Conditions
© 2025 Crypto Flexs

Type above and press Enter to search. Press Esc to cancel.