Security
Codebase Heritage
Hyperdrome is built on the Velodrome/Solidly codebase, one of the most battle-tested ve(3,3) implementations in DeFi:- Solidly — Original ve(3,3) AMM by Andre Cronje on Fantom
- Velodrome — Refined fork on Optimism, the largest DEX by TVL on OP
Audits
| Audit | Scope | Report |
|---|---|---|
| Solidly Audit | Core AMM, VotingEscrow, Minter | Available in repo |
| Velodrome Audits | Full protocol review | Available in repo |
Smart Contract Security
Access Control
| Role | Permissions |
|---|---|
| Governor | Whitelist tokens, create gauges, protocol parameters |
| Emergency Council | Kill/revive gauges in emergencies |
| Fee Manager | Adjust trading fee rates per pool |
| Pauser | Pause all swaps in emergency |
Timelock
The HyperdromeGovernor multisig includes per-function timelocks:- Custom delay per function selector / destination combo
- Batch transaction execution support
- Based on 0x’s ZeroExGovernor pattern
Key Security Properties
- Immutable Minter assignment —
setMinter()can only be called once on the HDROME token - CREATE2 deterministic deployment — Pair addresses are predictable and verifiable
- veNFT attachment system — Prevents transfer of veNFTs while staked in gauges
- Epoch-locked votes — Votes cannot be changed mid-epoch, preventing manipulation
- TWAP oracle — 30-minute observation periods resist price manipulation
Solidity Version
All contracts compiled with Solidity 0.8.13 with standard overflow/underflow protections.Test Suite
The protocol includes 21 Foundry test files covering:- AMM pair mechanics and fee accounting
- veNFT lock/unlock/merge operations
- Emission calculations and decay schedules
- Gauge staking and reward distribution
- Voting mechanics and epoch transitions
- Emergency gauge kill/revive
- Merkle claim airdrop distribution
- On-chain governance proposals
- Anti-wash-trade protection
- Oracle accuracy and edge cases