A collection of security resources relating to the Hydration (formerly HydraDX) blockchain:
- Audit Reports
- Critical Vulnerability Reports
- Invariants Specification
- Mitigation Mechanisms - a set of mechanisms designed to safeguard against economic exploits
- Threat Modelling - a collection of known attack vectors
Conducted by Spearbit / Cantina, published in June 2025.
Read the full report here.
Conducted by OAK Security, published in May 2025.
Read the (draft) report here.
Conducted by Spearbit / Cantina, published in April 2025.
Read the full report here.
Conducted by Spearbit / Cantina, published in January 2025.
Read the full report here.
Conducted by Pashov Audit Group, published in October 2024.
Read the full report here.
Conducted by SRLabs, published in June 2024.
Read the full report here.
Conducted by 27 independent security researchers that participated in an audit challenge on Code4rena.
Scope: Omnipool, Stablepools, Oracles, Circuit Breaker.
Read the full report in this repo or on the Code4rena website.
Conducted by Runtime Verification, published in June 2022.
Read the full report here.
Conducted by Runtime Verification, published in June 2022.
Read the full report here.
Conducted by Runtime Verification, published in September 2022.
Read the full report here.
Conducted by BlockScience, published in March 2022.
Addendum by the HydraDX team elaborating on some changes which were made after the audit was finished (pp 41 et seq), published in November 2022.
Read the full report here.
You can find the specification of the following groups of invariants:
- System-level invariants - these relate to the global state of the system and must always hold
- Function-level invariants - these must hold in relation to the execution of specific state-transition functions (extrinsics)