Crypto Flexs
  • DIRECTORY
  • CRYPTO
    • ETHEREUM
    • BITCOIN
    • ALTCOIN
  • BLOCKCHAIN
  • EXCHANGE
  • TRADING
  • SLOT
  • CASINO
  • SPORTSBET
  • SUBMIT
Crypto Flexs
  • DIRECTORY
  • CRYPTO
    • ETHEREUM
    • BITCOIN
    • ALTCOIN
  • BLOCKCHAIN
  • EXCHANGE
  • TRADING
  • SLOT
  • CASINO
  • SPORTSBET
  • SUBMIT
Crypto Flexs
Home»HACKING NEWS»Lombard Liquid Bitcoin Summary Summary
HACKING NEWS

Lombard Liquid Bitcoin Summary Summary

By Crypto FlexsOctober 3, 20255 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
Lombard Liquid Bitcoin Summary Summary
Share
Facebook Twitter LinkedIn Pinterest Email

The Liquid Bitcoin protocol of Lombard Finance is used by the user Solana SPL token form ( LBTC).

Lombard Finance worked with Ackee Blockchain Security to provide security review as a total time donation of the 12th engineering day between March 3 and March 18, 2025.

Second, the revision review was carried out for the revision of the previous revision.

Lombard Finance worked with Ackee Blockchain Security to conduct another security review of liquid bitcoin protocol with a total time donation of 3 days between March 25 and March 28, 2025.

The modification review of the second amendment was then performed on the revision of the revised 2.0, including the scope expansion described below.

methodology

We started to review as we became accustomed to codebase and range of business logic. It took a considerable time to review the document and investigate the wider range of the protocol (for example, Babylon Bitcoin Starking).

After completing the initial study, the code base was conducted manual review. The manual review consists of several stages, and the first step is usually focused on understanding codebase.

  • Components of the Solana program;
  • All guidelines that the program accepts;
  • Architecture and structure of codebase; and
  • All information projects are stored in the chain.

After setting this early understanding, we went forward to the second stage, where we reviewed the codes of each line. This is composed of in -depth analysis, potential problems, bugs and security issues.

During the manual review, we paid special attention later.

  • Make the project correctly initialized and configured.
  • Checking the mining of LBTC is firmly processed.
  • Checking the verification process cannot be bypassed.
  • Make sure the protocol works transparently as expected.
  • Check that there is no mechanism that can be used for users. and
  • We are looking for a common problem that can occur in the code base.

While reviewing the BASCULE program, we tested that the protocol worked as intended by the concept proof test. This review continued with a deeper understanding of the program, and in the meantime, we have guaranteed:

  • It is used correctly during the cross program call (CPI) of the LBTC program.
  • Only appointed reporters can submit new deposits.
  • Only appointed validation can be deceived by this deposit.
  • All potential scenarios are dealt with correctly (e.g., scenarios under the verification threshold); and
  • All mint requests are still verified and cannot be bypassed.

range

The first audit was performed at Commit 9171ae4 And the range is as follows:

  • Excluding external dependence LOMBARD Finance Solana Contract

Revision 1.1 was performed in a given commit. ca1ccb2 I focused on modifications of the first gratitude.

Revision 2.0 was performed at Commit c96dc36 And the range is as follows:

  • Except for external dependence, Lombard Finance Solana Contract;
  • BASCULE program except external dependencies.

Then I did revision 2.1 at Commit 9001c77 Modifications provided in the revised 2.0. Scope is source code (e.g. G, change_mint_auth) This addition was not reviewed because it was not in the range for revision 2.0.

Security discovery classification is determined by two grades. influence and What can be. This two -dimensional classification helps to clarify the seriousness of individual problems. The problem to be evaluated middle It is severe, but the possibility of being found only by the team is generally reduced according to the possibility. wAnnings or menFormational Severe rating.

Our review results have emerged 22 DiscoveryIt ranges from information to seriousness. The problem was fixed or recognized by the customer. For an overview, read the entire report linked below.

Threshold

There was no important serious problem.

The severity is high

H1: Unauthorized LBTC mining possible

Intermediate

M1: Inappropriate fees

M2: Run initialization front as possible

M3: Repayment does not allow asset refunds

M4: minters are risk of security

M5: A cross program call cannot be executed due to the configuration account.

M6: Cross program calls cannot be executed due to immutable accounts

Low severity

L1: The originality of role -based access control is not guaranteed

Significance of warning

W1: Can’t transfer the configuration organization

W2: The Treasury Department can make the protocol non -operating.

W3: Signature of weighted validation test

W4: Calling the depreciated cross program call

W5: The field may not be initialized

W6: UnstakeRequest We do not consider fees

W7: Panic potential caused by arithmetic overflow

W8: Unexpected movements on the vector boundary

W9: Unfinished code can cause undesirable behavior

W10: run initialization front

W11: cannot be delivered BasculeData authority

Information seriousness

I1: inaccurate opinion

I2: You can improve your code quality

i3: Unnecessary storage of the BASCULE program in the configuration account

Trust model

The protocol implements the Role-based Access Control (RBAC) with multiple privileges and message verification processes, but the user must trust:

  • Configuration manager to set appropriate operating costs;
  • Minters can circulate new tokens of Solana blockchain, so configuration manager to assign minters with security considerations;
  • Protocols for maintaining appropriate verification because the minimum limit of off chain validation is set to 1; and
  • Protocol to initialize correctly LBTC Token, this means not misuse freeze_authority Or expanded token-2022.

conclusion

AcKee Blockchain Security recommended Lombard Finance to solve all the reported problems.

You can find the entire Lombard Finance Liquid Bitcoin audit report of ACKEE BLOCKCHAIN ​​Security. here.

We were happy to be grateful for Lombard Finance and expect to work with them again.

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

UXLINK attackers mix stolen assets and have drained $ 43 million by phishing

September 29, 2025

YouTube Star MR BEAST Scoops 3 Days Purchase SPREE ASTER in SPREE

September 27, 2025

Detect the full execution bug with the induction pursing of Wake

September 25, 2025
Add A Comment

Comments are closed.

Recent Posts

Free bitcoin.in app withdrawal request My satoshi

October 3, 2025

If this happens, you can see a huge price of $ 1.9.

October 3, 2025

Lombard Liquid Bitcoin Summary Summary

October 3, 2025

Easily Earn $5588+ In Passive Income Every Day With PlanMining Cloud Mining

October 3, 2025

The reason why hyper clicade wins aster with Perp DEX, which can be most invested.

October 3, 2025

Psy Protocol Testnet Combines Internet Scale And Speed With Bitcoin-Level Security

October 2, 2025

Eightco Holdings Inc. ($ORBS) Expands Investor Access With Options Trading

October 2, 2025

How To Use A Bitcoin Heatmap For Smarter Trading Decisions

October 2, 2025

Pioneer the future of digital innovation throughout Web2 and Web3

October 2, 2025

Codego Launches Whitelabel Devices Bringing Tokens Into Daily Life

October 2, 2025

Ethereum Future is an execution of stablecoins and tokenized assets -then you need to know:

October 2, 2025

Crypto Flexs is a Professional Cryptocurrency News Platform. Here we will provide you only interesting content, which you will like very much. We’re dedicated to providing you the best of Cryptocurrency. We hope you enjoy our Cryptocurrency News as much as we enjoy offering them to you.

Contact Us : Partner(@)Cryptoflexs.com

Top Insights

Free bitcoin.in app withdrawal request My satoshi

October 3, 2025

If this happens, you can see a huge price of $ 1.9.

October 3, 2025

Lombard Liquid Bitcoin Summary Summary

October 3, 2025
Most Popular

Worldcoin (WLD) Introduces Personal Data Protection and Age Verification Updates

April 10, 2024

As the NFT sector increases, the IMX aims for $ 1.

May 3, 2025

Digital pound consultations will break on Thursday, a government official said.

January 25, 2024
  • Home
  • About Us
  • Contact Us
  • Disclaimer
  • Privacy Policy
  • Terms and Conditions
© 2025 Crypto Flexs

Type above and press Enter to search. Press Esc to cancel.