Client Overview
Rayls is a blockchain ecosystem designed to bridge traditional finance and decentralized finance. The platform consists of two complementary environments: a private, permissioned blockchain deployed on-premises for banks and financial institutions, and the Rayls Public Chain, an EVM Layer 1 designed for interoperability, high throughput, and predictable transaction costs.
Together, these components enable financial institutions to securely bring assets onchain while maintaining the compliance, privacy, and operational requirements expected in regulated environments.
Positioned at the intersection of TradFi and DeFi, Rayls is building infrastructure for institutional tokenization, payments, and digital asset adoption.
Key Security Challenges
As Rayls prepared to support regulated financial institutions and large-scale digital asset activity, the team faced two significant security challenges:
Securing a novel privacy-preserving blockchain architecture
Rayls is not a standard EVM deployment. The platform combines a custom consensus layer, the Enygma privacy protocol, zero-knowledge circuits, stablecoin-based gas mechanics, MEV protection systems, gas oracles, KYC infrastructure, and cross-chain messaging capabilities. These components create a much broader attack surface than a typical smart contract deployment and required a security partner capable of assessing the entire ecosystem as an interconnected system.
Meeting the security requirements of institutional counterparties
Because Rayls serves banks and regulated entities, internal security reviews alone were insufficient. Prospective partners required independent validation from a recognized security firm capable of assessing both technical risk and operational resilience. The team needed assurance that the platform could withstand the security, reputational, and systemic risks associated with institutional financial infrastructure.
Halborn’s Solutions
Halborn delivered a multi-disciplinary engagement spanning smart contract auditing, Layer 1 security assessment, blockchain architecture advisory, and cryptographic review.
Halborn conducted a holistic review rather than evaluating individual components in isolation. The team analyzed interactions between Solidity contracts, the Enygma privacy layer, zero-knowledge circuits, cross-chain messaging systems, gas infrastructure, and supporting off-chain services. This approach enabled Halborn to identify risks that emerge at the integration layer, where vulnerabilities often evade traditional security reviews.
Halborn also brought specialized expertise in privacy-preserving systems and cryptographic architectures. Rather than treating zero-knowledge components as opaque systems, the team reviewed the underlying cryptographic assumptions and implementation details, helping validate the security guarantees that Rayls intends to provide institutional users.
Throughout the engagement, Halborn worked closely alongside the Rayls engineering team. Findings were delivered in real time with sufficient context to begin remediation immediately, allowing security improvements to progress in parallel with ongoing development efforts.
Dr. Jacob Mendel, CTO of Rayls, summarized the engagement this way:
"Securing an L1 with custom cryptography is something most security firms simply aren't equipped for. Halborn engaged with our contracts, consensus, and off-chain components as one connected system and gave us the independent assurance our institutional partners require. They didn't just harden our platform, they raised the security bar for our entire team."
Outcomes Beyond the Core Audit
The engagement delivered benefits that extended well beyond the findings themselves.
Security became embedded in the development process
The review helped shift security from a final-stage validation exercise to a core design principle. Engineers developed stronger threat-modeling practices and began evaluating attack vectors and integration risks earlier in the development lifecycle. This security-first mindset continues to influence how contracts, circuits, and infrastructure components are designed and reviewed.
Institutional confidence increased through independent validation
By undergoing a rigorous external assessment, Rayls strengthened its ability to engage with banks, financial institutions, and regulated partners that require independent assurance before building on new infrastructure. The engagement provided both technical validation and additional credibility with stakeholders evaluating the platform.
The review also covered approximately 60,000 lines of code across smart contracts, consensus components, and supporting infrastructure. Critical risks were identified and remediated without slowing product development, demonstrating that security and execution speed do not need to be competing priorities.
Going Above and Beyond
What distinguished this engagement was Halborn’s ability to operate across the full technology stack. Rayls required expertise that spanned Layer 1 architecture, privacy-preserving cryptography, smart contracts, zero-knowledge systems, cross-chain infrastructure, and institutional-grade security requirements. Few firms possess that breadth of capability within a single engagement.
Rather than delivering a checklist audit, Halborn provided a comprehensive security review aligned with the realities of institutional blockchain infrastructure. The combination of technical rigor, architecture-level thinking, and collaborative execution helped Rayls strengthen both its platform and its internal security culture.
For organizations building complex blockchain systems that combine novel cryptography, privacy technologies, and regulated financial use cases, Rayls’ experience demonstrates the value of working with a security partner capable of evaluating the entire system, not just its individual components.
