We were tasked with auditing the cross-chain bridge implementation of LimeChain called Hashport, implementing the Diamond standard to achieve a high degree of dynamicity in the code's purpose.
Over the course of the audit, we identified certain discrepancies and potential misbehaviours arising from non-restrictive value definitions and falsely assumed secure mathematical operations.
Additionally, we were able to pinpoint several optimizations that can be applied that we believe would significantly affect the total gas consumption of the Hedera system.
Overall, the codebase of the Hedera bridge is of high quality with extensive in-line documentation and good use of EIP standards.
During the audit, we filtered and validated a total of 2 findings utilizing static analysis tools as well as identified a total of 13 findings during the manual review of the codebase. We strongly recommend that any minor severity or higher findings are dealt with promptly prior to the project's launch as they introduce potential misbehaviours of the system as well as exploits.
The list below covers each segment of the audit in depth and links to the respective chapter of the report: