Liquity

@liquity

Live

Maximum reward

125,000 BOLD

Severity

Max. Reward

Critical

125,000 BOLD

High

62,500 BOLD

Medium

12,500 BOLD

Findings submitted

Start date

1 Jul 2025

Please sign in as a researcher to join the bounty.

Instructions Scope

In scope

Core Contracts

Severity

Min and Max Reward

Critical

Up to 125,000 BOLD

High

Up to 62,500 BOLD

Medium

Up to 12,500 BOLD

Low

Up to 0 BOLD

Informational

Up to 0 BOLD

Liquity Bold at ac91fda

/contracts/src├── ActivePool.sol├── AddressesRegistry.sol├── BoldToken.sol├── BorrowerOperations.sol├── CollateralRegistry.sol├── CollSurplusPool.sol├── DefaultPool.sol├── Dependencies│   ├── AddRemoveManagers.sol│   ├── AggregatorV3Interface.sol│   ├── Constants.sol│   ├── LiquityBase.sol│   ├── LiquityMath.sol│   └── Ownable.sol├── GasPool.sol├── Interfaces│   ├── IActivePool.sol│   ├── IAddRemoveManagers.sol│   ├── IAddressesRegistry.sol│   ├── IBoldRewardsReceiver.sol│   ├── IBoldToken.sol│   ├── IBorrowerOperations.sol│   ├── ICollateralRegistry.sol│   ├── ICollSurplusPool.sol│   ├── ICommunityIssuance.sol│   ├── IDefaultPool.sol│   ├── IInterestRouter.sol│   ├── ILiquityBase.sol│   ├── ILQTYStaking.sol│   ├── ILQTYToken.sol│   ├── IMainnetPriceFeed.sol│   ├── IPriceFeed.sol│   ├── IRETHPriceFeed.sol│   ├── IRETHToken.sol│   ├── ISortedTroves.sol│   ├── IStabilityPoolEvents.sol│   ├── IStabilityPool.sol│   ├── ITroveEvents.sol│   ├── ITroveManager.sol│   ├── ITroveNFT.sol│   ├── IWETH.sol│   ├── IWSTETHPriceFeed.sol│   └── IWSTETH.sol├── PriceFeeds│   ├── CompositePriceFeed.sol│   ├── MainnetPriceFeedBase.sol│   ├── RETHPriceFeed.sol│   ├── WETHPriceFeed.sol│   └── WSTETHPriceFeed.sol├── SortedTroves.sol├── StabilityPool.sol├── TroveManager.sol├── TroveNFT.sol├── Types│   ├── BatchId.sol│   ├── LatestBatchData.sol│   ├── LatestTroveData.sol│   ├── TroveChange.sol│   └── TroveId.sol└── Zappers    ├── BaseZapper.sol    ├── GasCompZapper.sol    ├── Interfaces    │   ├── IExchange.sol    │   ├── IExchangeHelpers.sol    │   ├── IFlashLoanProvider.sol    │   ├── IFlashLoanReceiver.sol    │   ├── ILeverageZapper.sol    │   └── IZapper.sol    ├── LeftoversSweep.sol    ├── LeverageLSTZapper.sol    ├── LeverageWETHZapper.sol    ├── Modules    │   ├── Exchanges    │   │   ├── HybridCurveUniV3Exchange.sol    │   │   └── HybridCurveUniV3ExchangeHelpers.sol    │   └── FlashLoans    │       ├── BalancerFlashLoan.sol    │       └── Balancer    │           └── vault    │               ├── IFlashLoanRecipient.sol    │               └── IVault.sol    └── WETHZapper.sol

v2-Gov at ba3bcb

├── BribeInitiative.sol├── CurveV2GaugeRewards.sol├── Governance.sol├── interfaces│   ├── IBribeInitiative.sol│   ├── ICurveStableswapFactoryNG.sol│   ├── ICurveStableswapNG.sol│   ├── IGovernance.sol│   ├── IInitiative.sol│   ├── ILiquidityGauge.sol│   ├── ILQTY.sol│   ├── ILQTYStaking.sol│   ├── ILUSD.sol│   ├── IMultiDelegateCall.sol│   ├── IUserProxyFactory.sol│   └── IUserProxy.sol├── UserProxyFactory.sol├── UserProxy.sol└── utils    ├── BaseHook.sol    ├── DoubleLinkedList.sol    ├── Math.sol    ├── MultiDelegateCall.sol    ├── Ownable.sol    ├── SafeCallMinGas.sol    ├── Types.sol    ├── UniqueArray.sol    └── VotingPower.sol

If you discover a vulnerability in any component not explicitly listed but which poses a risk to user funds, user data, or system integrity, you may submit it for consideration. Our team will review such submissions on a case-by-case basis.

Asset	Description
Liquity Bold	Liquity v2 is a collateralized debt platform. Users can lock up WETH and/or select LSTs, and issue stablecoin tokens (BOLD) to their own Ethereum address. The individual collateralized debt positions are called Troves.

Out of scope

liquity.org
https://github.com/liquity/bold/tree/main/frontend (all apps and subgraphs are specifically not in scope)
Issues listed as known issues, or listed in Issues within Liquity/bold or Liquity/v2-Gov repos
Security advisories for Liquity/bold or Liquity/v2-Gov repos, as well as for Liquity/dev
Latest audit list:
- https://docs.liquity.org/v2-documentation/technical-docs-and-audits

Default Out of Scope:

Issues found in previous security reviews,
Third-party contracts not under direct project control,
Issues with non-standard ERC20 tokens (unless explicitly supported by the project),
Rounding errors with no significant impact,
User errors requiring obviously incorrect parameter inputs,
Vulnerabilities that only manifest during extreme market conditions,
Incorrect data from third-party oracles
- Note: Oracle manipulation and flash loan attacks are still in scope
Theoretical exploits without practical proof-of-concept,
Issues requiring access to leaked keys or credentials,
Issues arising from Sybil attacks
Centralization risks
Basic economic and governance attacks (such as 51% attacks)
Protocol design choices
Gas optimization issues and high gas costs
Best practice suggestions
Submissions generated using ChatGPT or other LLM tools