All Reports
TokenTable UnlockerV2 EVM

TokenTable UnlockerV2 EVM

2025-04-25
Download PDF
Critical0
High0
Medium1
Low4
Info4

About the Protocol

EVM token distribution suite with Unlocker, Fee Collector, and Tracker token contracts.

Findings (9)

M-01MediumFixed

Fixed fees allow users to transfer all project tokens from the Unlocker to the protocol owner

Fixed fee mechanism can be exploited to drain project tokens via repeated zero-amount claims.

L-01LowFixed

Tracker token's balanceOf will revert if address owns cancelled actuals

Balance query reverts for users with cancelled allocations.

L-02LowFixed

Tracker token's totalSupply is always incorrect

Total supply calculation does not accurately reflect claimable tokens.

L-03LowFixed

Unauthorized claims allowed when externalDelegateRegistry is not configured

Missing delegate registry allows unauthorized claim delegation.

L-04LowAcknowledged

defaultFee can be huge or insignificant depending on project token's decimals

Default fee amount is not normalized for token decimal differences.

Ready to Secure Your Project?

Get a free 30-minute security assessment. We will review your codebase scope and flag the top 3 risk areas.

No commitment required. Typical audits start within 1–2 weeks.

audits@codespect.xyz