defirisk.co
rubric v1.7.0

Signed/unsigned arithmetic confusion

Hyperliquid's assessment for RD-F-018 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

Bridge2 uses Solidity 0.8.x with built-in overflow/underflow protection. uint64 power/threshold arithmetic is the main arithmetic surface; no signed-unsigned conversion paths found in manual review. Symbolic exec needed for full confirmation.

Sources #

  • GitHub
    Bridge2.sol raw sourceBridge2.sol pragma ^0.8.9 — manual review, no symbolic exec performedretrieved 2026-04-28

Methodology #

Determine whether signed-integer conversions or comparisons where unsigned was intended exist in the deployed bytecode/source.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol hyperliquid factor RD-F-018 score gray collected_at 2026-04-28 13:58:49