LastHash
Documentation
Open App

Security

Overview

LastHash is built with security as a first principle. All game logic, fund custody, and reward distribution are handled by smart contracts on Base — no centralized server can influence outcomes or access player funds.

Smart Contract Security

Separation of Concerns

The contract architecture isolates critical functions:

  • Game logic (LastHashCore) is separate from fund custody (LastHashVault)
  • Each game is an independent contract instance — a vulnerability in one game cannot affect others
  • The referral system runs on its own contract with separate access controls

Access Control

All privileged functions use role-based access control:

  • Operators can only advance game phases — they cannot move funds or alter outcomes
  • Treasury can only receive platform fees and sweep unclaimed funds after 360 days
  • Emergency role is timelocked and can only enable emergency withdrawals

No single role has the ability to steal or redirect player funds.

Fund Safety Mechanisms

MechanismProtection
Pull-based claimsPlayers withdraw their own funds — no batch processing risk
Vault isolationFunds are held in a separate vault contract, not in game contracts
Emergency withdrawalAuto-enabled after 7 days if game is stuck
360-day sweepUnclaimed funds go to treasury after 1 year — no permanent locks
Oracle failure refundsFull refund if Pyth Network pricing fails during a round
Game cancellation refundsFull deposit returned if game is cancelled (no fees)

Elimination Integrity

  • Round outcomes are determined exclusively by Pyth Network oracle prices
  • No human input, admin action, or off-chain computation influences who gets eliminated
  • The pull-based elimination pattern means each player's status is verified against immutable onchain round data

Oracle Security

Pyth Network

LastHash relies on the Pyth Network for ETH/USD pricing. Pyth is used by major DeFi protocols and provides:

  • Decentralized publisher network — prices aggregated from multiple institutional data sources
  • Confidence intervals — the contract validates that price data falls within acceptable accuracy bounds
  • Freshness checks — prices older than 2 minutes are rejected
  • Deviation limits — price changes exceeding 10% between rounds trigger safety checks

Oracle Failure Handling

If the Pyth oracle fails to provide valid pricing:

  1. The contract detects the failure and marks the round as oracle-failed
  2. The game is paused — no eliminations occur based on invalid data
  3. Players can claim a full refund via claimOracleFailureRefund()

This ensures players are never eliminated due to faulty price data.

Player Protections

Deposit Safety

  • Once deposited, your USDC is held in the vault contract — not in anyone's wallet
  • The vault only releases funds through defined code paths (winner payout, refund, emergency withdrawal)
  • Even the contract deployer cannot withdraw player deposits

Maximum Game Duration

Every game has a 24-hour hard limit. If a game runs longer than 24 hours due to unexpected conditions, it is automatically force-completed. This prevents funds from being indefinitely locked.

Emergency Withdrawal

If a game gets stuck (e.g., operator fails to advance phases):

  • After 7 days, emergency withdrawal is automatically enabled
  • Players can call executeEmergencyWithdrawal() to reclaim their original deposit
  • No approval needed from any admin or operator

Cancelled Game Refunds

If a game is cancelled (insufficient players, admin action, or critical error):

  • All players receive their full deposit back
  • No fees are deducted on cancelled games
  • Refunds are available immediately via claimRewards()

What We Don't Control

  • Game outcomes — determined by ETH price movements and Pyth oracle data
  • Player funds — held in the vault contract, not in team wallets
  • Elimination logic — hardcoded in immutable contract functions
  • Fee calculations — enforced by contract code with hardcoded maximum caps

Responsible Disclosure

If you discover a security vulnerability in LastHash's smart contracts or frontend application, please report it responsibly:

  • Do not exploit the vulnerability on mainnet
  • Contact the team via Discord or email with details
  • Allow reasonable time for a fix before public disclosure

We take all security reports seriously and will work with researchers to address issues promptly.