Auditor re-engaged after last exploit

Hyperliquid's assessment for RD-F-083 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No public evidence that Hyperliquid engaged Zellic, Cyfrin, or any other firm for a post-JELLY re-audit of HyperCore matching/clearing logic. The JELLY exploit surface is the closed-source L1 binary — not auditable by third parties. Zellic's existing audits cover Bridge2 only. No new audit engagement disclosed post-JELLY. Yellow by absence of evidence; structural L1 closure makes third-party re-audit impossible.

Sources #

Docs
https://hyperliquid.gitbook.io/hyperliquid-docs/auditsretrieved 2026-04-28
URL
https://github.com/Zellic/publications/blob/master/Hyperliquid%20November%20-%20Zellic%20Audit%20Report.pdfretrieved 2026-04-28

Methodology #

Determine whether a reputable auditor performed a re-audit or incident review after the most recent exploit.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol hyperliquid factor RD-F-083 score yellow collected_at 2026-04-28 13:58:49