• FYEO

FYEO security assessment of the Hyperlane (formerly Abacus) Smart Contracts in August 2022


Hyperlane is a modular interoperability platform that enables developers to send information between blockchains such as Ethereum, Polygon, Optimism, Avalanche, Celo, Binance Smart Chain, Arbitrum, Moonbeam, and more.


The scope of this review included the protocol’s smart contract implementation written in Solidity. Hyperlane’s goal is to simplify and enable secure communication between blockchains, empowering builds for interchain applications. Applications built on top of Hyperlane can share state across multiple blockchains without being tied to a single chain, promoting developer focus on application growth and not being limited to one substrate.


The FYEO Process

When FYEO performs an assessment, we focus on the code committed at a specific time when the code base is feature complete.


Our goal is to give our clients the following:

  • A better understanding of its security posture and help them identify current and future risks in its deployed chain & contract infrastructure.

  • An opinion on what security measures are in place regarding maturity, adequacy, and efficiency.

  • Identify potential issues, including loss of funds scenarios, and include improvement recommendations based on the result of our assessment.

  • Give the development team a better understanding of writing and maintaining more secure code. The incremental increase of security is part of the overall increased quality of the project.


Findings & Report

During the security assessment of Hyperlane’s smart contract implementation, we discovered:


1 finding with a LOW severity rating


2 findings with an INFORMATIONAL severity rating


Following review, Hyperlane worked with the FYEO Security team to heed recommendations presented in the report.


Please see the full report here!


Hyperlane - Security Assessment of the Abacus Monorepo v1.2
.pdf
Download PDF • 679KB