Recently, a vulnerability was disclosed by Neodyme in the SPL token-lending library, several protocols on Solana were affected including Larix. We are very pleased to announce that no funds were lost due to this event, the prompt actions of the Larix team made sure the vulnerability was eliminated within one hour of disclosure.
In the event of this SPL lending vulnerability, We’d like to express our sincere gratitude towards the Neodyme team for disclosing in good faith. We’d also like to acknowledge the joint effort with Solana officials and Solend (also affected by this event), the support of all parties involved is greatly appreciated by the Larix team.
In accordance with our bug bounty initiative, which encourages our community to audit our contracts and security. We are teaming up with Solend and Tulip to offer a substantial bounty to Neodyme, Larix is offering $100K in total ($50K USDC and $50K in LARIX). This is a very unique milestone in Solana ecosystem history, that competing protocols are working together on a bounty.
For full details of our bug bounty initiative please see the link below.
Security and safety have always been one of our utmost important core values, we are dedicated to maintain the highest standard of security. We also have a number of different measures in place to uphold this high standard, such as the bug bounty initiative, white hat consulting committee, and regular internal audits. Larix is also audited externally by Slowmist, one of the most reliable blockchain auditing companies.
Here at Larix, We are very glad all protocols involved have came out of this event unscathed. We are all contributing to the thriving future of the whole Solana ecosystem!