Prepared by:
HALBORN
Last Updated 01/30/2026
Date of Engagement: January 9th, 2026 - January 20th, 2026
Summary
100% of all REPORTED Findings have been addressed
All findings
3
Critical
0
High
0
Medium
1
Low
1
Informational
1
Table of Contents
1. Introduction
HSuite engaged Halborn to conduct a web application review on their DEX application. The security assessment was scoped to application provided to Halborn to conduct the assessment.
This report contains a detailed list of findings, highlighting the severity and impact of each one and certain proposed resolutions.
2. Assessment Summary
Halborn performed a security assessment of the client’s application to evaluate the overall robustness of its core functionality and identify potential risks that could impact reliability, integrity, and user trust. The review focused on key areas of the platform, including critical backend API behavior and components related to pool operations within the DEX.
Overall, the assessment identified opportunities to strengthen how the system handles edge cases and unexpected user behavior. In particular, the review highlighted scenarios where normal user actions could lead to unintended outcomes, such as the ability to influence pool balances outside of the expected configuration, as well as cases where invalid inputs caused the application to return internal server errors. While some of these issues were not directly exploitable on their own, addressing them will improve platform stability and reduce the risk of future abuse.
It is recommended to prioritize improvements in validation, safeguards around pool operations, and general resilience controls. Implementing these measures will enhance the consistency of the platform, reduce operational risk, and provide a more reliable experience for end users.
3. Scope
https://testnet.silksuite.app/
https://testnet-sn1.hbarsuite.network
https://testnet-sn2.hbarsuite.network
https://testnet-sn3.hbarsuite.network
https://testnet-sn4.hbarsuite.network
4. RISK METHODOLOGY
- 5 - Almost certain an incident will occur.
- 4 - High probability of an incident occurring.
- 3 - Potential of a security incident in the long term.
- 2 - Low probability of an incident occurring.
- 1 - Very unlikely issue will cause an incident.
- 5 - May cause devastating and unrecoverable impact or loss.
- 4 - May cause a significant level of impact or loss.
- 3 - May cause a partial impact or loss to many.
- 2 - May cause temporary impact or loss.
- 1 - May cause minimal or un-noticeable impact.
- 10 - CRITICAL
- 9 - 8 - HIGH
- 7 - 6 - MEDIUM
- 5 - 4 - LOW
- 3 - 1 - VERY LOW AND INFORMATIONAL
5. SCOPE
6. Assessment Summary & Findings Overview
Critical
0
High
0
Medium
1
Low
1
Informational
1
| Security analysis | Risk level | Remediation Date |
|---|---|---|
| Potential Unbalanced Pool | Medium | Solved - 01/29/2026 |
| Unhandled Exception in /pools/balance | Low | Solved - 01/25/2026 |
| Large JavaScript File Loaded on Application Startup | Informational | Acknowledged |
7. Findings & Tech Details
7.1 Potential Unbalanced Pool
//
Description
Proof of Concept
Score
Recommendation
Remediation Comment
7.2 Unhandled Exception in /pools/balance
//
Description
Proof of Concept
Score
Recommendation
Remediation Comment
Remediation Hash
7.3 Large JavaScript File Loaded on Application Startup
//
Description
Proof of Concept
Score
Recommendation
Remediation Comment
Halborn strongly recommends conducting a follow-up assessment of the project either within six months or immediately following any material changes to the codebase, whichever comes first. This approach is crucial for maintaining the project’s integrity and addressing potential vulnerabilities introduced by code modifications.
Table of Contents
// Download the full report
HBAR Suite
* Use Google Chrome for best results
** Check "Background Graphics" in the print settings if needed