All Reports
Download PDF
Carina Finance
2025-10-17
Critical0
High0
Medium1
Low0
Info1
About the Protocol
DEX aggregator settlement layer enabling solver-executed order settlement on behalf of users.
Findings (2)
M-01MediumFixed
Malicious solver can drain NativeTokenFlow contract via reentrancy
Reentrancy in native token flow allows solver to drain contract funds.
I-01InfoAcknowledged
EIP-1271 signature verification allows callback to user-controlled contracts
Signature verification enables callbacks to potentially malicious contracts.
Ready to Secure Your Project?
Get a free 30-minute security assessment. We will review your codebase scope and flag the top 3 risk areas.
No commitment required. Typical audits start within 1–2 weeks.