HyperLabs Inc / hyperlend
HyperLend is a lending platform, aiming to become the main lending market on the Hyperliquid HyperEVM chain.
We have 3 different types of lending markets:
- Core pools: the codebase is a fork of Aave v3.0.2.
Users can supply/borrow multiple tokens in a single pool. - -Isolated pools: the codebase is a fork of Fraxlend V3.
Each market has one token that can be supplied as collateral and one that can be borrowed, isolating the risk to a specific market instead of the entire protocol. - P2P loans: users can request personalized loans (each loan has a custom collateral asset, borrowed asset, borrow amount, repayment amount, duration, and liquidation settings), and other users can then fill their requests.
This competition also includes another contract:
- HyperEVM oracle: a contract used to fetch price data from Hyperliquids HyperEVM system contract.
Prize distribution and scoring
-
Total Prize Pool: $100,000
-
Primary Prize Pool: $95,000
-
The prize distribution has 2 possible triggers:
- If one or more valid medium severity findings are found, the total pot size is $40,000
- If one or more valid high severity findings are found, the total pot size is $100,000
-
$5,000 of the prize pot is reserved for Low Severity findings. These reports are judged based on quality and reviewers are then ranked from 1st to 5th for the purpose of prize allocation.
- 1st: $2.5k
- 2nd: $1k
- 3rd: $500
- 4th: $500
- 5th: $500
-
Scoring described in the competition scoring page.
-
Findings Severities described in detail on our docs page.
Documentation
- Core Pools (Aave V3.0.2 fork):
- tech paper
- codebase diffs: gist & description
- Isolated Pools (FraxLend V3 fork):
- documentation
- codebase diffs: gist & description
- P2P loans:
- HyperEVM Oracle:
Scope
Hyperlend Core
- Repository: https://github.com/hyperlendx/hyperlend-core
- Commit: eb1c180e09561b3272dc9cbe21f5a9328a3bef33
- Total LOC:
- Files: all files in contracts/
- excluding: contracts/mocks/ and contracts/flashloan/
- Note: the codebase is an Aave v3.0.2 fork with very minor modifications
Hyperlend Isolated
- Repository: https://github.com/hyperlendx/hyperlend-isolated
- Commit: 52449fc85a5bd7409b74ef8201b2ee99ae1cd704
- Total LOC:
- Files: all files in contracts/
- excluding: contracts/mocks/
- Note: the codebase is a fork of Fraxlend V3
Hyperlend P2P
- Repository: https://github.com/hyperlendx/hyperlend-p2p
- Commit: 3ba49b59ab0ce75cbf53214cc3806a4668ea5fa9
- Total LOC:
- Files: contracts/LendingP2P.sol
Hyperevm Oracle
- Repository: https://github.com/hyperlendx/hyperevm-oracle
- Commit: b76fedd9efed255ba2d4bf5bc51a463e71641f22
- Total LOC:
- Files: all files in contracts/
- excluding: contracts/mocks/ and contracts/interfaces/
Build Instructions
All repositories are using Hardhat and include build instructions in the README. NodeJS is required to build the code.
Install dependencies: npm install
Compile code: npx hardhat compile
Run tests: npx hardhat test
- Basic POC test:
- Basic tests are available in each repository under
test/baseTest.js
- Basic tests are available in each repository under
Out of scope
- Exploits that rely on price manipulation on external markets
- Exploits caused by 3rd-party oracles providing invalid data
- Exploits only possible by permissioned entities (such as admin address passing wrong parameters to config functions or keepers submitting invalid prices).
- All pools/reserves are expected to have minimum liquidity at all times.
- Any problems arising from non-standard ERC20 tokens (such as rebasing, fee-on-transfer, ERC777...).
- Any issues mentioned/acknowledged in the code comments
- Automated findings by Lightchaser
Contact Us
For any issues or concerns regarding this competition, please reach out to the Cantina core team through the Cantina Discord.
Summary
Status
CompletedTotal reward:
$100,000
Findings submitted:
399
Start date:
13 Nov 2024 8:00pm (local time)
End date:
4 Dec 2024 8:00pm (local time)