Security Best Practices for Developers

Validate Contracts: When interacting with HyperFlash contracts, make sure to use the ABI and addresses from the official source. The code will be open source and will be audited by a top security firm, which provides confidence, but you should still keep your dependency up to date in case of any post-audit fixes.
Watch for Unbonding Status: If your app allows a user to request unstake via HyperFlash, consider that there might be an asynchronous wait. You may need to inform the user or track the status. Perhaps store an event of UnstakeInitiated for that user and poll or listen for an UnstakeCompleted event. The HyperFlash contracts likely emit events for these state changes (e.g., Stake(address user, uint256 amount) and UnstakeRequest(address user, uint256 amount) events).
Slashing Events: In the unlikely event of a validator slashing (which could reduce the total staked HYPE and thus the backing of flashHYPE slightly), there may be an on-chain signal or event (Hyperliquid might publish a slashing event for that validator). If you run an analytics app or something critical, you might want to monitor such events to know if flashHYPE supply or exchange rate might have a one-time negative adjustment. HyperFlash will presumably socialize any slashing losses across the pool so that flashHYPE remains fungible (like how Lido handles slashing by slightly lowering everyone’s balance). Those occurrences should be rare, but it’s part of the on-chain data to be aware of.
Testing in a Safe Environment: If possible, test your integration on a HyperFlash testnet or using a small amount of HYPE first. Ensure that stake and unstake flows work as expected and that your app correctly reflects changes (especially over time for yield accrual).
Validator Integration: If you are a validator, follow the official guide for setting up the HyperFlash MEV-enabled client. This likely involves running specific software and registering your validator’s withdrawal address to the HyperFlash contracts (so that when you withdraw stake, it goes back to the pool contract, as a security measure). Make sure to keep this infrastructure secure and updated. Also, join any operator channels or chats (HyperFlash Telegram) to stay informed of upgrades or changes in protocol operations.

PreviousIntegrating flashHYPE into dApps NextGeneral FAQs

Last updated 18 days ago

Security Best Practices for Developers

Validate Contracts: When interacting with HyperFlash contracts, make sure to use the ABI and addresses from the official source. The code will be open source and will be audited by a top security firm, which provides confidence, but you should still keep your dependency up to date in case of any post-audit fixes.
Watch for Unbonding Status: If your app allows a user to request unstake via HyperFlash, consider that there might be an asynchronous wait. You may need to inform the user or track the status. Perhaps store an event of UnstakeInitiated for that user and poll or listen for an UnstakeCompleted event. The HyperFlash contracts likely emit events for these state changes (e.g., Stake(address user, uint256 amount) and UnstakeRequest(address user, uint256 amount) events).
Slashing Events: In the unlikely event of a validator slashing (which could reduce the total staked HYPE and thus the backing of flashHYPE slightly), there may be an on-chain signal or event (Hyperliquid might publish a slashing event for that validator). If you run an analytics app or something critical, you might want to monitor such events to know if flashHYPE supply or exchange rate might have a one-time negative adjustment. HyperFlash will presumably socialize any slashing losses across the pool so that flashHYPE remains fungible (like how Lido handles slashing by slightly lowering everyone’s balance). Those occurrences should be rare, but it’s part of the on-chain data to be aware of.
Testing in a Safe Environment: If possible, test your integration on a HyperFlash testnet or using a small amount of HYPE first. Ensure that stake and unstake flows work as expected and that your app correctly reflects changes (especially over time for yield accrual).
Validator Integration: If you are a validator, follow the official guide for setting up the HyperFlash MEV-enabled client. This likely involves running specific software and registering your validator’s withdrawal address to the HyperFlash contracts (so that when you withdraw stake, it goes back to the pool contract, as a security measure). Make sure to keep this infrastructure secure and updated. Also, join any operator channels or chats (HyperFlash Telegram) to stay informed of upgrades or changes in protocol operations.

PreviousIntegrating flashHYPE into dApps NextGeneral FAQs

Last updated 18 days ago