HBAR Suite - HSuite

1. Introduction

HSuite engaged Halborn to conduct a web application review on their DEX application. The security assessment was scoped to application provided to Halborn to conduct the assessment.

This report contains a detailed list of findings, highlighting the severity and impact of each one and certain proposed resolutions.

2. Assessment Summary

Halborn performed a security assessment of the client’s application to evaluate the overall robustness of its core functionality and identify potential risks that could impact reliability, integrity, and user trust. The review focused on key areas of the platform, including critical backend API behavior and components related to pool operations within the DEX.

Overall, the assessment identified opportunities to strengthen how the system handles edge cases and unexpected user behavior. In particular, the review highlighted scenarios where normal user actions could lead to unintended outcomes, such as the ability to influence pool balances outside of the expected configuration, as well as cases where invalid inputs caused the application to return internal server errors. While some of these issues were not directly exploitable on their own, addressing them will improve platform stability and reduce the risk of future abuse.

It is recommended to prioritize improvements in validation, safeguards around pool operations, and general resilience controls. Implementing these measures will enhance the consistency of the platform, reduce operational risk, and provide a more reliable experience for end users.

3. Scope

• https://testnet.silksuite.app/

• https://testnet-sn1.hbarsuite.network

• https://testnet-sn2.hbarsuite.network

• https://testnet-sn3.hbarsuite.network

• https://testnet-sn4.hbarsuite.network