All Reports
Download PDF
TokenTable ECDSA Distributor
2025-04-23
Critical0
High0
Medium1
Low0
Info2
About the Protocol
ECDSA signature-based token distribution contract with upgradeable architecture.
Findings (3)
M-01MediumFixed
Upgrade permission for the protocol was assigned to the wrong role
Contract upgrade authority incorrectly assigned to project owner instead of deployer.
I-01InfoAcknowledged
Hook call contains untrusted data
User-provided claim data in hook calls is not part of the signed payload.
I-02InfoAcknowledged
The version information is not included in the signed data
Contract version not included in signatures, allowing replay across upgrades.
Ready to Secure Your Project?
Get a free 30-minute security assessment. We will review your codebase scope and flag the top 3 risk areas.
No commitment required. Typical audits start within 1–2 weeks.