Skip to main content
Security is layered: an external smart-contract audit, multi-sig controls on fund movement, institutional custody, and oracle safeguards.

Smart contract audit

Ackee Blockchain

Hyro Protocol’s Solana programs are audited by Ackee Blockchain (Czech-based, OtterSec-tier quality). The engagement is in progress, and the full report is published before mainnet.
Capped initial TVL during the beta period bounds exposure while the audit completes and the protocol proves itself in production.

The security stack

Squads multisig

A 3/5 multisig (Squads) governs all operator-wallet fund movement. No single key controls capital.

Fireblocks custody

Institutional custody for the centralized execution leg.

Oracle watchdog

An independent watchdog reader (separate server, key, region) cross-validates every NAV report.

Read-only API keys

Trader Bybit sub-accounts use trade-only keys — no withdrawal permission.

Smart-contract security patterns

  • PDA-based account architecture prevents address collisions
  • Feature flags enable gradual rollout and emergency controls
  • Comprehensive input validation in every instruction
  • Anchor framework’s built-in security patterns
  • Withdrawal-pause circuit breakers on oracle anomalies

Decentralization status

What’s on-chain today, and the path to removing each trust assumption.