{"id":1053,"date":"2025-06-16T23:57:17","date_gmt":"2025-06-16T21:57:17","guid":{"rendered":"https:\/\/ackee.xyz\/blog\/?p=1053"},"modified":"2025-07-01T11:11:10","modified_gmt":"2025-07-01T09:11:10","slug":"hyperlend-protocol-audit-summary","status":"publish","type":"post","link":"https:\/\/ackee.xyz\/blog\/hyperlend-protocol-audit-summary\/","title":{"rendered":"Hyperlend Protocol Audit Summary"},"content":{"rendered":"<p class=\"p1\">Hyperlend is a lending protocol deployed on the Hyperliquid chain. The protocol implements risk-segmented lending pools designed for different use cases. The protocol\u2019s infrastructure includes cross-chain deposit endpoints for protocol pools, looping contracts that enable position management through flash loans, and helper contracts for asset listing functionality.<\/p>\n<p class=\"p1\">Hyperlend engaged Ackee Blockchain Security to perform a security review of the Hyperlend protocol with a total time donation of 46 engineering days in a period between January 10 and February 7, 2025.<\/p>\n<p>A second, fix review was then performed between February 17 and February 24, 2025.<\/p>\n<p>A third review was then performed between March 12 and March 18.<\/p>\n<h2><span style=\"font-weight: 400;\">METHODOLOGY<\/span><\/h2>\n<p>We began our review with a deep dive into the logic of the contracts. We supported our review with static analysis tools, including <a href=\"https:\/\/getwake.io\">Wake<\/a>, and manually guided fuzzing checking basic functionality of the code in-scope.<\/p>\n<p>During the review, we paid special attention to:<\/p>\n<ul>\n<li>ensuring tokens cannot be stolen or unintentionally locked in the contracts;<\/li>\n<li>detecting possible reentrancies in the code;<\/li>\n<li>checking integration with third-party contracts is correct and secure;<\/li>\n<li>common issues such as data validation.<\/li>\n<\/ul>\n<h2><span style=\"font-weight: 400;\">SCOPE<\/span><\/h2>\n<p>The audit was performed on the following repositories and commits:<\/p>\n<ul>\n<li>hyperlend-core commit <code class=\"codehl\">425624<\/code>;<\/li>\n<li>hyperlend-isolated commit <code class=\"codehl\">37c678<\/code>;<\/li>\n<li>looping-contracts (private repository) commit <code class=\"codehl\">0fdde7<\/code>;<\/li>\n<li>core-config-engine commit <code class=\"codehl\">0339f1<\/code>;<\/li>\n<li>cross-chain-lending-deposits (private repository) commit <code class=\"codehl\">43b101<\/code>.<\/li>\n<\/ul>\n<p>The fix review was performed on the following repositories and commits:<\/p>\n<ul>\n<li>hyperlend-core commit <code class=\"codehl\">625161<\/code>;<\/li>\n<li>hyperlend-isolated commit <code class=\"codehl\">0b90ce<\/code>;<\/li>\n<li>looping-contracts (private repository) commit <code class=\"codehl\">cb6fac<\/code>;<\/li>\n<li>core-config-engine commit <code class=\"codehl\">4ff785<\/code>;<\/li>\n<li>cross-chain-lending-deposits (private repository) commit <code class=\"codehl\">38dc8a<\/code>.<\/li>\n<\/ul>\n<p>The third audit was performed on the hyperlend-core-new repository, commit <code class=\"codehl\">0c2b14<\/code>. The scope included all changes made in the <code class=\"codehl\">src<\/code> directory compared to the original Aave v3.2 codebase.<\/p>\n<h2><span style=\"font-weight: 400;\">FINDINGS<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">The classification of a security finding is determined by two ratings: <\/span><b>impact<\/b><span style=\"font-weight: 400;\"> and <\/span><b>likelihood<\/b><span style=\"font-weight: 400;\">. This two-dimensional classification helps clarify the severity of individual issues. Issues which would be rated as <\/span><i><span style=\"font-weight: 400;\">medium<\/span><\/i><span style=\"font-weight: 400;\"> severity, but which would be likely discovered only by the team, are typically decreased by the likelihood factor to the <em>W<\/em><\/span><i><span style=\"font-weight: 400;\">arning<\/span><\/i><span style=\"font-weight: 400;\"> or <em>I<\/em><\/span><i><span style=\"font-weight: 400;\">nformational<\/span><\/i><span style=\"font-weight: 400;\"> severity ratings.<\/span><\/p>\n<p class=\"p1\">Our review resulted in 44 findings, ranging from Info to Critical severity. The most severe finding C1 posed a critical risk of all collateral tokens being stolen from the isolated pools of the protocol. The finding was reported despite being out-of-scope for the review, as the core issue was in incorrect usage of a new Chainlink-like price provider in the context of the original Fraxlend V3 codebase. The issue was undetectable by performing only differential review without the context of the original codebase.<\/p>\n<p class=\"p1\">Findings C1, M1, M2, M7, M10, L2 were discovered through manually-guided fuzzing using the <a href=\"https:\/\/getwake.io\">Wake<\/a> testing framework. Findings M5, M10, M11, M13, and I10 were discovered through <a href=\"https:\/\/getwake.io\">Wake<\/a> static analysis.<\/p>\n<h3><span style=\"font-weight: 400;\">Critical severity<\/span><\/h3>\n<p>C1: No revert on stale Chainlink price<\/p>\n<h3><span style=\"font-weight: 400;\">High severity<\/span><\/h3>\n<p>H1: Possible locked tokens<\/p>\n<h3><span style=\"font-weight: 400;\">Medium severity<\/span><\/h3>\n<p>M1: Incorrect proposal ID emitted<\/p>\n<p>M2: Missing support for bridging native tokens<\/p>\n<p>M3: Arbitrary token transfer through unrestricted refund function<\/p>\n<p>M4: Incorrect token balance check leading to failed position closures<\/p>\n<p>M5: Divide before multiply in <code class=\"codehl\">openPosition<\/code> function<\/p>\n<p>M6: Missing <code class=\"codehl\">payable<\/code> modifier<\/p>\n<p>M7: <code class=\"codehl\">minAmountOut<\/code> calculation too restrictive<\/p>\n<p>M8: Inconsistent token symbol formatting<\/p>\n<p>M9: Missing token validation on bridge initiation<\/p>\n<p>M10: <code class=\"codehl\">SafeERC20<\/code> not used<\/p>\n<p>M11: Native <code class=\"codehl\">transfer<\/code> revert out-of-gas<\/p>\n<p>M12: <code class=\"codehl\">WalletBalanceProvider<\/code> native tokens lockup<\/p>\n<p>M13: Missing Chainlink price feed validation<\/p>\n<h3><span style=\"font-weight: 400;\">Low severity<\/span><\/h3>\n<p>L1: Missing swap deadline protection<\/p>\n<p>L2: Try\/catch may still revert<\/p>\n<p>L3: Unsatisfiable condition on closing position with flashloans<\/p>\n<p>L4: Incorrect error messages<\/p>\n<p>L5: Missing receive function for native token handling<\/p>\n<p>L6: Missing queued transaction verification in <code class=\"codehl\">cancelTransaction<\/code><\/p>\n<p>L7: Same transaction can be queued multiple times<\/p>\n<p>L8: Native token recovery can be bypassed<\/p>\n<h3><span style=\"font-weight: 400;\">Warning severity<\/span><\/h3>\n<p>W1: Missing check to catch underflow error<\/p>\n<p>W2: Double listing proposal ID<\/p>\n<p>W3: Case insensitive import<\/p>\n<p>W4: Hardhat console imports<\/p>\n<p>W5: Unused state variables in <code class=\"codehl\">StrategyManager<\/code><\/p>\n<p>W6: Missing zero address validation<\/p>\n<p>W7: Lack of events<\/p>\n<p>W8: Missing proposal existence validation<\/p>\n<p>W9: Potential negative exponent in <code class=\"codehl\">CHAINLINK_NORMALIZATION<\/code> calculation<\/p>\n<p>W10: Incorrect token balance used for debt value calculation<\/p>\n<h3><span style=\"font-weight: 400;\">Informational severity<\/span><\/h3>\n<p class=\"p1\">I1: Missing underscore in internal function name<\/p>\n<p class=\"p1\">I2: Incorrect variable naming due to typo<\/p>\n<p class=\"p1\">I3: Unused <code class=\"codehl\">Ownable<\/code> inheritance<\/p>\n<p>I4: Inconsistent visibility for <code class=\"codehl\">_reversePath<\/code> function<\/p>\n<p>I5: <code class=\"codehl\">getUserAccountData<\/code> function reverts when token price is zero<\/p>\n<p>I6: <code class=\"codehl\">getUserPairs<\/code> returns an array with empty positions<\/p>\n<p>I7: Unused <code class=\"codehl\">swapPath<\/code> parameter in <code class=\"codehl\">SwapParams<\/code> struct<\/p>\n<p>I8: Unused function with potential data truncation risk<\/p>\n<p>I9: Incorrect documentation<\/p>\n<p>I10: Variables can be immutable<\/p>\n<h2><span style=\"font-weight: 400;\">TRUST MODEL<\/span><\/h2>\n<p>Users must trust Hyperlend not to lock funds in the protocol or manipulate token prices. Stargate gateways must be trusted to correctly relay messages between chains during cross-chain deposits.<\/p>\n<h2><span style=\"font-weight: 400;\">CONCLUSION<\/span><\/h2>\n<p class=\"p1\">Ackee Blockchain Security recommends Hyperlend to:<\/p>\n<ul>\n<li class=\"p1\">keep informed about the latest fixes made to the Aave and Fraxlend codebases; and<\/li>\n<li class=\"p1\">maintain best security practices when listing new tokens, ensuring quality of price oracles, and monitoring health of the protocol pools.<\/li>\n<\/ul>\n<p><b><a href=\"https:\/\/ackee.xyz\">Ackee Blockchain Security<\/a>\u2019s full Hyperlend audit report can be found <a href=\"https:\/\/github.com\/hyperlendx\/audits\/blob\/master\/hyperlend\/2025-03-24-ackee-audit-hyperlend.pdf\">here<\/a><\/b><b>.<\/b><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hyperlend is a lending protocol deployed on the Hyperliquid chain. The protocol implements risk-segmented lending pools designed for different use cases. The protocol\u2019s infrastructure includes cross-chain deposit endpoints for protocol pools, looping contracts that enable position management through flash loans, and helper contracts for asset listing functionality. Hyperlend engaged Ackee Blockchain Security to perform a security review of the Hyperlend protocol with&hellip;<\/p>\n","protected":false},"author":30,"featured_media":1064,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[20,10,103],"tags":[89,24,153],"class_list":["post-1053","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-audits","category-ethereum","category-wake","tag-audit-summary","tag-ethereum","tag-hyperlend"],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO 4.9.9 - aioseo.com -->\n\t<meta name=\"description\" content=\"Hyperlend is a lending protocol deployed on the Hyperliquid chain. The protocol implements risk-segmented lending pools designed for different use cases. The protocol\u2019s infrastructure includes cross-chain deposit endpoints for protocol pools, looping contracts that enable position management through flash loans, and helper contracts for asset listing functionality. Hyperlend engaged Ackee Blockchain Security to perform a\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<meta name=\"author\" content=\"Tom\u00e1\u0161 Kova\u0159\u00edk\"\/>\n\t<link rel=\"canonical\" href=\"https:\/\/ackee.xyz\/blog\/hyperlend-protocol-audit-summary\/\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO (AIOSEO) 4.9.9\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Ackee Blockchain - Blog &amp; Research\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"Hyperlend Protocol Audit Summary - Ackee Blockchain\" \/>\n\t\t<meta property=\"og:description\" content=\"Hyperlend is a lending protocol deployed on the Hyperliquid chain. The protocol implements risk-segmented lending pools designed for different use cases. The protocol\u2019s infrastructure includes cross-chain deposit endpoints for protocol pools, looping contracts that enable position management through flash loans, and helper contracts for asset listing functionality. Hyperlend engaged Ackee Blockchain Security to perform a\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/ackee.xyz\/blog\/hyperlend-protocol-audit-summary\/\" \/>\n\t\t<meta property=\"og:image\" content=\"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2023\/02\/cropped-ABCH_Logo_blue-black.png\" \/>\n\t\t<meta property=\"og:image:secure_url\" content=\"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2023\/02\/cropped-ABCH_Logo_blue-black.png\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2025-06-16T21:57:17+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2025-07-01T09:11:10+00:00\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:title\" content=\"Hyperlend Protocol Audit Summary - Ackee Blockchain\" \/>\n\t\t<meta name=\"twitter:description\" content=\"Read the summary of Ackee&#039;s audit of Hyperlend, including our methodology, findings, and recommendations.\" \/>\n\t\t<meta name=\"twitter:image\" content=\"https:\/\/abchprod.wpengine.com\/wp-content\/uploads\/2025\/06\/hyperlend-socials.png\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"BlogPosting\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/hyperlend-protocol-audit-summary\\\/#blogposting\",\"name\":\"Hyperlend Protocol Audit Summary - Ackee Blockchain\",\"headline\":\"Hyperlend Protocol Audit Summary\",\"author\":{\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/author\\\/tomas-kovarik\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/#organization\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/06\\\/hyperlend-cover.png\",\"width\":1972,\"height\":1360},\"datePublished\":\"2025-06-16T23:57:17+02:00\",\"dateModified\":\"2025-07-01T11:11:10+02:00\",\"inLanguage\":\"en-US\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/hyperlend-protocol-audit-summary\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/hyperlend-protocol-audit-summary\\\/#webpage\"},\"articleSection\":\"Audits, Ethereum, Wake, audit summary, Ethereum, hyperlend\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/hyperlend-protocol-audit-summary\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/ackee.xyz\\\/blog\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/category\\\/ethereum\\\/#listItem\",\"name\":\"Ethereum\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/category\\\/ethereum\\\/#listItem\",\"position\":2,\"name\":\"Ethereum\",\"item\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/category\\\/ethereum\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/hyperlend-protocol-audit-summary\\\/#listItem\",\"name\":\"Hyperlend Protocol Audit Summary\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog#listItem\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/hyperlend-protocol-audit-summary\\\/#listItem\",\"position\":3,\"name\":\"Hyperlend Protocol Audit Summary\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/category\\\/ethereum\\\/#listItem\",\"name\":\"Ethereum\"}}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/#organization\",\"name\":\"Ackee Blockchain\",\"description\":\"Blog & Research\",\"url\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/02\\\/cropped-ABCH_Logo_blue-black.png\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/hyperlend-protocol-audit-summary\\\/#organizationLogo\",\"width\":5268,\"height\":825},\"image\":{\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/hyperlend-protocol-audit-summary\\\/#organizationLogo\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/author\\\/tomas-kovarik\\\/#author\",\"url\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/author\\\/tomas-kovarik\\\/\",\"name\":\"Tom\\u00e1\\u0161 Kova\\u0159\\u00edk\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/hyperlend-protocol-audit-summary\\\/#authorImage\",\"url\":\"https:\\\/\\\/abchprod.wpengine.com\\\/wp-content\\\/uploads\\\/2025\\\/08\\\/avatar_user_30_1756111591-96x96.png\",\"width\":96,\"height\":96,\"caption\":\"Tom\\u00e1\\u0161 Kova\\u0159\\u00edk\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/hyperlend-protocol-audit-summary\\\/#webpage\",\"url\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/hyperlend-protocol-audit-summary\\\/\",\"name\":\"Hyperlend Protocol Audit Summary - Ackee Blockchain\",\"description\":\"Hyperlend is a lending protocol deployed on the Hyperliquid chain. The protocol implements risk-segmented lending pools designed for different use cases. The protocol\\u2019s infrastructure includes cross-chain deposit endpoints for protocol pools, looping contracts that enable position management through flash loans, and helper contracts for asset listing functionality. Hyperlend engaged Ackee Blockchain Security to perform a\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/hyperlend-protocol-audit-summary\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/author\\\/tomas-kovarik\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/author\\\/tomas-kovarik\\\/#author\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/06\\\/hyperlend-cover.png\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/hyperlend-protocol-audit-summary\\\/#mainImage\",\"width\":1972,\"height\":1360},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/hyperlend-protocol-audit-summary\\\/#mainImage\"},\"datePublished\":\"2025-06-16T23:57:17+02:00\",\"dateModified\":\"2025-07-01T11:11:10+02:00\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/\",\"name\":\"Ackee Blockchain\",\"description\":\"Blog & Research\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/ackee.xyz\\\/blog\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO -->\n\n","aioseo_head_json":{"title":"Hyperlend Protocol Audit Summary - Ackee Blockchain","description":"Hyperlend is a lending protocol deployed on the Hyperliquid chain. The protocol implements risk-segmented lending pools designed for different use cases. The protocol\u2019s infrastructure includes cross-chain deposit endpoints for protocol pools, looping contracts that enable position management through flash loans, and helper contracts for asset listing functionality. Hyperlend engaged Ackee Blockchain Security to perform a","canonical_url":"https:\/\/ackee.xyz\/blog\/hyperlend-protocol-audit-summary\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"BlogPosting","@id":"https:\/\/ackee.xyz\/blog\/hyperlend-protocol-audit-summary\/#blogposting","name":"Hyperlend Protocol Audit Summary - Ackee Blockchain","headline":"Hyperlend Protocol Audit Summary","author":{"@id":"https:\/\/ackee.xyz\/blog\/author\/tomas-kovarik\/#author"},"publisher":{"@id":"https:\/\/ackee.xyz\/blog\/#organization"},"image":{"@type":"ImageObject","url":"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2025\/06\/hyperlend-cover.png","width":1972,"height":1360},"datePublished":"2025-06-16T23:57:17+02:00","dateModified":"2025-07-01T11:11:10+02:00","inLanguage":"en-US","mainEntityOfPage":{"@id":"https:\/\/ackee.xyz\/blog\/hyperlend-protocol-audit-summary\/#webpage"},"isPartOf":{"@id":"https:\/\/ackee.xyz\/blog\/hyperlend-protocol-audit-summary\/#webpage"},"articleSection":"Audits, Ethereum, Wake, audit summary, Ethereum, hyperlend"},{"@type":"BreadcrumbList","@id":"https:\/\/ackee.xyz\/blog\/hyperlend-protocol-audit-summary\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/ackee.xyz\/blog#listItem","position":1,"name":"Home","item":"https:\/\/ackee.xyz\/blog","nextItem":{"@type":"ListItem","@id":"https:\/\/ackee.xyz\/blog\/category\/ethereum\/#listItem","name":"Ethereum"}},{"@type":"ListItem","@id":"https:\/\/ackee.xyz\/blog\/category\/ethereum\/#listItem","position":2,"name":"Ethereum","item":"https:\/\/ackee.xyz\/blog\/category\/ethereum\/","nextItem":{"@type":"ListItem","@id":"https:\/\/ackee.xyz\/blog\/hyperlend-protocol-audit-summary\/#listItem","name":"Hyperlend Protocol Audit Summary"},"previousItem":{"@type":"ListItem","@id":"https:\/\/ackee.xyz\/blog#listItem","name":"Home"}},{"@type":"ListItem","@id":"https:\/\/ackee.xyz\/blog\/hyperlend-protocol-audit-summary\/#listItem","position":3,"name":"Hyperlend Protocol Audit Summary","previousItem":{"@type":"ListItem","@id":"https:\/\/ackee.xyz\/blog\/category\/ethereum\/#listItem","name":"Ethereum"}}]},{"@type":"Organization","@id":"https:\/\/ackee.xyz\/blog\/#organization","name":"Ackee Blockchain","description":"Blog & Research","url":"https:\/\/ackee.xyz\/blog\/","logo":{"@type":"ImageObject","url":"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2023\/02\/cropped-ABCH_Logo_blue-black.png","@id":"https:\/\/ackee.xyz\/blog\/hyperlend-protocol-audit-summary\/#organizationLogo","width":5268,"height":825},"image":{"@id":"https:\/\/ackee.xyz\/blog\/hyperlend-protocol-audit-summary\/#organizationLogo"}},{"@type":"Person","@id":"https:\/\/ackee.xyz\/blog\/author\/tomas-kovarik\/#author","url":"https:\/\/ackee.xyz\/blog\/author\/tomas-kovarik\/","name":"Tom\u00e1\u0161 Kova\u0159\u00edk","image":{"@type":"ImageObject","@id":"https:\/\/ackee.xyz\/blog\/hyperlend-protocol-audit-summary\/#authorImage","url":"https:\/\/abchprod.wpengine.com\/wp-content\/uploads\/2025\/08\/avatar_user_30_1756111591-96x96.png","width":96,"height":96,"caption":"Tom\u00e1\u0161 Kova\u0159\u00edk"}},{"@type":"WebPage","@id":"https:\/\/ackee.xyz\/blog\/hyperlend-protocol-audit-summary\/#webpage","url":"https:\/\/ackee.xyz\/blog\/hyperlend-protocol-audit-summary\/","name":"Hyperlend Protocol Audit Summary - Ackee Blockchain","description":"Hyperlend is a lending protocol deployed on the Hyperliquid chain. The protocol implements risk-segmented lending pools designed for different use cases. The protocol\u2019s infrastructure includes cross-chain deposit endpoints for protocol pools, looping contracts that enable position management through flash loans, and helper contracts for asset listing functionality. Hyperlend engaged Ackee Blockchain Security to perform a","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/ackee.xyz\/blog\/#website"},"breadcrumb":{"@id":"https:\/\/ackee.xyz\/blog\/hyperlend-protocol-audit-summary\/#breadcrumblist"},"author":{"@id":"https:\/\/ackee.xyz\/blog\/author\/tomas-kovarik\/#author"},"creator":{"@id":"https:\/\/ackee.xyz\/blog\/author\/tomas-kovarik\/#author"},"image":{"@type":"ImageObject","url":"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2025\/06\/hyperlend-cover.png","@id":"https:\/\/ackee.xyz\/blog\/hyperlend-protocol-audit-summary\/#mainImage","width":1972,"height":1360},"primaryImageOfPage":{"@id":"https:\/\/ackee.xyz\/blog\/hyperlend-protocol-audit-summary\/#mainImage"},"datePublished":"2025-06-16T23:57:17+02:00","dateModified":"2025-07-01T11:11:10+02:00"},{"@type":"WebSite","@id":"https:\/\/ackee.xyz\/blog\/#website","url":"https:\/\/ackee.xyz\/blog\/","name":"Ackee Blockchain","description":"Blog & Research","inLanguage":"en-US","publisher":{"@id":"https:\/\/ackee.xyz\/blog\/#organization"}}]},"og:locale":"en_US","og:site_name":"Ackee Blockchain - Blog &amp; Research","og:type":"article","og:title":"Hyperlend Protocol Audit Summary - Ackee Blockchain","og:description":"Hyperlend is a lending protocol deployed on the Hyperliquid chain. The protocol implements risk-segmented lending pools designed for different use cases. The protocol\u2019s infrastructure includes cross-chain deposit endpoints for protocol pools, looping contracts that enable position management through flash loans, and helper contracts for asset listing functionality. Hyperlend engaged Ackee Blockchain Security to perform a","og:url":"https:\/\/ackee.xyz\/blog\/hyperlend-protocol-audit-summary\/","og:image":"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2023\/02\/cropped-ABCH_Logo_blue-black.png","og:image:secure_url":"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2023\/02\/cropped-ABCH_Logo_blue-black.png","article:published_time":"2025-06-16T21:57:17+00:00","article:modified_time":"2025-07-01T09:11:10+00:00","twitter:card":"summary_large_image","twitter:title":"Hyperlend Protocol Audit Summary - Ackee Blockchain","twitter:description":"Read the summary of Ackee's audit of Hyperlend, including our methodology, findings, and recommendations.","twitter:image":"https:\/\/abchprod.wpengine.com\/wp-content\/uploads\/2025\/06\/hyperlend-socials.png"},"aioseo_meta_data":{"post_id":"1053","title":null,"description":null,"keywords":null,"keyphrases":{"focus":{"keyphrase":"","score":0,"analysis":{"keyphraseInTitle":{"score":0,"maxScore":9,"error":1}}},"additional":[]},"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"custom_image","og_image_url":"https:\/\/abchprod.wpengine.com\/wp-content\/uploads\/2023\/02\/cropped-ABCH_Logo_blue-black.png","og_image_width":"0","og_image_height":"0","og_image_custom_url":null,"og_image_custom_fields":null,"og_video":"","og_custom_url":null,"og_article_section":null,"og_article_tags":null,"twitter_use_og":false,"twitter_card":"summary_large_image","twitter_image_type":"custom_image","twitter_image_url":"https:\/\/abchprod.wpengine.com\/wp-content\/uploads\/2025\/06\/hyperlend-socials.png","twitter_image_custom_url":"https:\/\/abchprod.wpengine.com\/wp-content\/uploads\/2025\/06\/hyperlend-socials.png","twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":"Read the summary of Ackee's audit of Hyperlend, including our methodology, findings, and recommendations.","schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"BlogPosting","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":"-1","robots_max_videopreview":"-1","robots_max_imagepreview":"large","priority":null,"frequency":"default","local_seo":null,"limit_modified_date":false,"ai":{"faqs":[],"keyPoints":[],"titles":[],"descriptions":[],"socialPosts":{"email":[],"linkedin":[],"twitter":[],"facebook":[],"instagram":[]}},"created":"2025-06-03 14:41:05","updated":"2025-07-01 09:14:37","breadcrumb_settings":null,"seo_analyzer_scan_date":null},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/ackee.xyz\/blog\" title=\"Home\">Home<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/ackee.xyz\/blog\/category\/ethereum\/\" title=\"Ethereum\">Ethereum<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\tHyperlend Protocol Audit Summary\n\t\t<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/ackee.xyz\/blog"},{"label":"Ethereum","link":"https:\/\/ackee.xyz\/blog\/category\/ethereum\/"},{"label":"Hyperlend Protocol Audit Summary","link":"https:\/\/ackee.xyz\/blog\/hyperlend-protocol-audit-summary\/"}],"featured_image_src":"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2025\/06\/hyperlend-cover-600x400.png","featured_image_src_square":"https:\/\/ackee.xyz\/blog\/wp-content\/uploads\/2025\/06\/hyperlend-cover-600x600.png","author_info":{"display_name":"Tom\u00e1\u0161 Kova\u0159\u00edk","author_link":"https:\/\/ackee.xyz\/blog\/author\/tomas-kovarik\/"},"_links":{"self":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/posts\/1053","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/users\/30"}],"replies":[{"embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/comments?post=1053"}],"version-history":[{"count":0,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/posts\/1053\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/media\/1064"}],"wp:attachment":[{"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/media?parent=1053"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/categories?post=1053"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ackee.xyz\/blog\/wp-json\/wp\/v2\/tags?post=1053"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}