Skip to main content
All CollectionsMechanics
Liquidium Security Audit Summary
Liquidium Security Audit Summary

Summary of the security audit on Liquidium's peer-to-peer lending platform by Scalebit, covering key findings and ensuring transparency.

Peter avatar
Written by Peter
Updated over 3 months ago

Overview

In July 2024, Liquidium underwent a comprehensive security audit conducted by Scalebit, a trusted blockchain security firm. The audit was designed to ensure the security and robustness of Liquidium's core Bitcoin logic and peer-to-peer lending platform, focusing on Discreet Log Contracts (DLCs), multi-signature (multisig) escrows, and Partially Signed Bitcoin Transactions (PSBT).

Audit Details

  • Audit Firm: Scalebit (Twitter)

  • Audit Period: July 2, 2024 – August 15, 2024

  • Audited Areas:

    • Bitcoin-based technologies integral to Ordinals, Runes, and BRC20 lending/borrowing.

    • Key components of Liquidium’s core architecture and oracle mechanisms.

  • Methods: The audit employed a combination of:

    • Dependency checks

    • Static code analysis

    • Manual code reviews

Key Findings

The audit reviewed the entire architecture and processes related to Liquidium’s peer-to-peer lending protocol. A total of 11 issues were identified, categorized by severity:

  • Critical Issues: 2 (both resolved)

  • Major Issues: 2 (both resolved)

  • Medium Issues: 3 (2 resolved, 1 acknowledged)

  • Minor Issues: 2 (1 resolved, 1 acknowledged)

  • Informational Issues: 2 (both resolved)

No critical issues were left unresolved, and all other identified issues were either resolved or acknowledged as non-blocking.

Security Strengths

The audit confirmed the security of Liquidium's key components, including:

  • Bitcoin Logic: The audit verified that Liquidium's system uses secure, decentralized escrow mechanisms via multisig.

  • DLC and PSBT: Both technologies were reviewed for potential vulnerabilities, with the audit confirming the system’s strength in handling Bitcoin transactions securely, while ensuring that the 2-of-3 multisig model, which includes the oracle, provides a balanced approach to decentralization and trust.

  • Core Lending Logic: The foundational logic for Ordinals, Runes, and BRC20 lending was found to be secure and robust for peer-to-peer lending activities.

Conclusion

The audit by Scalebit found no critical vulnerabilities that compromise Liquidium’s platform. All identified issues were promptly addressed to ensure the system remains secure for users.

Did this answer your question?