Liquity

@liquity
Live

Maximum reward: 125,000 BOLD

Max. reward by severity:

  • Critical: 125,000 BOLD
  • High: 62,500 BOLD
  • Medium: 12,500 BOLD

Findings submitted: 39

Start date: 1 Jul 2025



In scope

Min and max reward by severity:

  • Critical: Up to 125,000 BOLD
  • High: Up to 62,500 BOLD
  • Medium: Up to 12,500 BOLD

/contracts/src
├── ActivePool.sol
├── AddressesRegistry.sol
├── BoldToken.sol
├── BorrowerOperations.sol
├── CollateralRegistry.sol
├── CollSurplusPool.sol
├── DefaultPool.sol
├── Dependencies
│   ├── AddRemoveManagers.sol
│   ├── AggregatorV3Interface.sol
│   ├── Constants.sol
│   ├── LiquityBase.sol
│   ├── LiquityMath.sol
│   └── Ownable.sol
├── GasPool.sol
├── Interfaces
│   ├── IActivePool.sol
│   ├── IAddRemoveManagers.sol
│   ├── IAddressesRegistry.sol
│   ├── IBoldRewardsReceiver.sol
│   ├── IBoldToken.sol
│   ├── IBorrowerOperations.sol
│   ├── ICollateralRegistry.sol
│   ├── ICollSurplusPool.sol
│   ├── ICommunityIssuance.sol
│   ├── IDefaultPool.sol
│   ├── IInterestRouter.sol
│   ├── ILiquityBase.sol
│   ├── ILQTYStaking.sol
│   ├── ILQTYToken.sol
│   ├── IMainnetPriceFeed.sol
│   ├── IPriceFeed.sol
│   ├── IRETHPriceFeed.sol
│   ├── IRETHToken.sol
│   ├── ISortedTroves.sol
│   ├── IStabilityPoolEvents.sol
│   ├── IStabilityPool.sol
│   ├── ITroveEvents.sol
│   ├── ITroveManager.sol
│   ├── ITroveNFT.sol
│   ├── IWETH.sol
│   ├── IWSTETHPriceFeed.sol
│   └── IWSTETH.sol
├── PriceFeeds
│   ├── CompositePriceFeed.sol
│   ├── MainnetPriceFeedBase.sol
│   ├── RETHPriceFeed.sol
│   ├── WETHPriceFeed.sol
│   └── WSTETHPriceFeed.sol
├── SortedTroves.sol
├── StabilityPool.sol
├── TroveManager.sol
├── TroveNFT.sol
├── Types
│   ├── BatchId.sol
│   ├── LatestBatchData.sol
│   ├── LatestTroveData.sol
│   ├── TroveChange.sol
│   └── TroveId.sol
└── Zappers
    ├── BaseZapper.sol
    ├── GasCompZapper.sol
    ├── Interfaces
    │   ├── IExchange.sol
    │   ├── IExchangeHelpers.sol
    │   ├── IFlashLoanProvider.sol
    │   ├── IFlashLoanReceiver.sol
    │   ├── ILeverageZapper.sol
    │   └── IZapper.sol
    ├── LeftoversSweep.sol
    ├── LeverageLSTZapper.sol
    ├── LeverageWETHZapper.sol
    ├── Modules
    │   ├── Exchanges
    │   │   ├── HybridCurveUniV3Exchange.sol
    │   │   └── HybridCurveUniV3ExchangeHelpers.sol
    │   └── FlashLoans
    │       ├── BalancerFlashLoan.sol
    │       └── Balancer
    │           └── vault
    │               ├── IFlashLoanRecipient.sol
    │               └── IVault.sol
    └── WETHZapper.sol

├── BribeInitiative.sol
├── CurveV2GaugeRewards.sol
├── Governance.sol
├── interfaces
│   ├── IBribeInitiative.sol
│   ├── ICurveStableswapFactoryNG.sol
│   ├── ICurveStableswapNG.sol
│   ├── IGovernance.sol
│   ├── IInitiative.sol
│   ├── ILiquidityGauge.sol
│   ├── ILQTY.sol
│   ├── ILQTYStaking.sol
│   ├── ILUSD.sol
│   ├── IMultiDelegateCall.sol
│   ├── IUserProxyFactory.sol
│   └── IUserProxy.sol
├── UserProxyFactory.sol
├── UserProxy.sol
└── utils
    ├── BaseHook.sol
    ├── DoubleLinkedList.sol
    ├── Math.sol
    ├── MultiDelegateCall.sol
    ├── Ownable.sol
    ├── SafeCallMinGas.sol
    ├── Types.sol
    ├── UniqueArray.sol
    └── VotingPower.sol

If you discover a vulnerability in any component not explicitly listed but which poses a risk to user funds, user data, or system integrity, you may submit it for consideration. Our team will review such submissions on a case-by-case basis.

Asset: Liquity Bold

Description: Liquity v2 is a collateralized debt platform. Users can lock up WETH and/or select LSTs, and issue stablecoin tokens (BOLD) to their own Ethereum address. The individual collateralized debt positions are called Troves.

Out of scope

Default Out of Scope:

  • Issues found in previous security reviews
  • Third-party contracts not under direct project control
  • Issues with non-standard ERC20 tokens (unless explicitly supported by the project)
  • Rounding errors with no significant impact
  • User errors requiring obviously incorrect parameter inputs
  • Vulnerabilities that only manifest during extreme market conditions
  • Incorrect data from third-party oracles
    • Note: Oracle manipulation and flash loan attacks are still in scope
  • Theoretical exploits without practical proof-of-concept
  • Issues requiring access to leaked keys or credentials
  • Issues arising from Sybil attacks
  • Centralization risks
  • Basic economic and governance attacks (such as 51% attacks)
  • Protocol design choices
  • Gas optimization issues and high gas costs
  • Best practice suggestions
  • Submissions generated using ChatGPT or other LLM tools