Webisoft
Prepared for Talaris LLC

Security Audit Proposal

Hypertensor Blockchain — pallet-network & Runtime

Talaris LLC·Webisoft·April 3, 2026·v1.0
Section 01

Overview

Webisoft has completed a preliminary review of the Hypertensor codebase at github.com/hypertensor-blockchain/hypertensor-blockchain. The primary audit target is pallets/network. Also in scope: runtime configuration and the EVM/Frontier precompile layer that bridges Solidity contracts into pallet-network storage.

Section 02

What We Found

During our preliminary review, we identified six areas that shape the audit scope and complexity:

Scale & Complexity

20,586 lines, 165 extrinsics, 210 storage items. 7-10x the size of a typical Substrate pallet.

Zero-Weight Extrinsics

Critical

All 165 extrinsics carry a weight of zero. This breaks gas-to-weight mapping and represents a CRITICAL economic security gap.

Three Staking Systems

Inflation, rewards, and slashing span multiple mechanisms. Interactions under adversarial conditions need validation.

Frontier EVM Layer

3 custom Solidity precompiles bridge EVM into pallet-network storage. This is a second entry point into the same state.

No Technical Documentation

No developer-facing docs exist. The audit will reverse-engineer intent directly from code.

Future PoA to NPoS Transition

Non-trivial given the Frontier layer. The audit identifies tech debt before migration.

Section 03

Base Scope

PhaseDescriptionHoursCost
Phase 1pallet-network security review40-50h$6,000-$7,500
Phase 2Tokenomics audit15-20h$2,250-$3,000
Phase 3Test network validation (4+ nodes)15-20h$2,250-$3,000
Phase 4Runtime config review8-12h$1,200-$1,800
Phase 5Findings report & remediation10-15h$1,500-$2,250
Total88-117h$13,200-$17,550

All pricing based on a rate of $150/hour. Prices in USD.

Section 04

Recommended Add-ons

EVM / Frontier Precompile Review

Strongly Recommended
$2,250-$3,00015-20h

The 3 custom Solidity precompiles are the most accessible attack vector. They bridge EVM callers directly into pallet-network storage, bypassing extrinsic-level checks. This add-on audits input validation, access control, and reentrancy surface for each precompile.

Infrastructure & DevOps Hardening

$1,800-$2,70012-18h

The current build has no load testing, no fuzzing infrastructure, a non-reproducible Dockerfile, and unpinned dependencies. This add-on hardens the build pipeline and deployment environment.

Post-Quantum Cryptography Assessment

from $2,250

The chain relies on Ed25519 and ECDSA. FIPS 203/205 standards are finalized. An early assessment of post-quantum readiness is significantly cheaper than a forced migration under time pressure.

Section 05

Deliverables

  • Detailed findings report with severity ratings (Critical / High / Medium / Low / Informational)
  • Remediation guidance with code-level recommendations
  • Test network validation results
  • Runtime configuration assessment
  • If EVM add-on selected: precompile-specific findings integrated into the main report
Section 06

Methodology

The audit combines manual code review with static analysis tooling. Phase 3 stands up a private multi-node testnet to execute economic attack scenarios including stake manipulation, reward siphoning, and slashing edge cases.

Because no technical documentation exists, the audit will document inferred protocol intent alongside each finding. If significant commits land before July, we will re-scope accordingly. Our preliminary review was conducted against the main branch as of February 10, 2026 (21 commits).

Section 07

Timeline

1

Target Start

July 2026

2

Estimated Duration

6-8 weeks

3

Milestone Schedule

Provided upon signature

Section 08

Pricing Summary

ScopeCost
Base audit (Phases 1-5)$13,200-$17,550
+ EVM / Frontier$2,250-$3,000
+ Infrastructure / DevOps$1,800-$2,700
+ Post-quantumfrom $2,250
Full engagement~$19,500-$25,500

Payment terms: 50% upon signature, 50% upon final report delivery.

Section 09

Next Steps

1

Confirm start date

2

Flag any significant pending commits for scope finalization

3

Sign engagement letter

Available to walk through this on a call.

Phil Therien

Partner, Webisoft

Get in Touch

Ready to move forward? Reach out to schedule a kickoff call.

514-668-9506 phil@webisoft.com

This proposal is valid for 30 days from the date of issue. All prices are in $USD. Pricing is subject to change after the validity period.

WBSFT®

Prepared by Webisoft for Talaris LLC · April 2026