Security Audit Report

WalletGuard.ai, powered by Gestalt Labs

April 17, 2026

ID: 07ffab53

0xa904...c888EVMBench: 2024-05-olasv1View audit historyEthereumLive TargetModerate Risk

Verified on BaseVerify externally Prompt 0xd29afd...

Apr 17, 2026, 06:14

Standard AuditModel: Claude Sonnet 4.6

What you got

Tier: Standard ($29)
Model: Sonnet
Specialists completed: 8 of 9

Risk Level: Moderate Risk

Efficiency

0C2H16M6L

24 security | 3 code quality | 2 gas

2 High: GenericBondCalculator.sol (1), Depository.sol (1)

In-Scope Security Score Guide

8.0 - 10.0Low Risk. No critical issues. Safe for interaction.

5.0 - 7.9Moderate Risk. Some issues found. Review before interacting.

1.0 - 4.9High/Critical Risk. Significant vulnerabilities detected.

Score is based on 29 findings from 10 specialist agents.

Exploit Analysis

Findings selected for deep verification. Where possible we generated a Solidity proof-of-concept and executed it against a forked mainnet.

Architectural

Architectural Risk

low

Depository.redeem() does not check for duplicate bondIds in input array, allowing double-accounting (but not double-spending due to delete)

File: contracts/Depository.solFunction: redeem

Why no PoC

Pattern, not single-tx exploit

Exploitability

8.5 / 10

Executive Summary

The analyzed contract system is a complex multi-component DeFi protocol encompassing bonding, staking incentive distribution, cross-chain bridging, and an upgradeable tokenomics engine. The analysis identified 0 critical, 3 high, 12 medium, 4 low, and 4 informational findings across 29 total submissions, after deduplication and gate filtering. The single most dangerous pattern is the use of UniswapV2 spot prices without TWAP in bond product pricing, which exposes the OLAS inflation budget to flash loan manipulation at product creation time. The protocol carries meaningful risk in its current form and requires remediation of access control bugs and oracle security before handling significant value.

Critical Highlights

highUniswapV2 Spot Price Used for Bond Payout Calculation Without TWAP

The protocol calculates how many OLAS tokens a user receives for depositing LP tokens based on the current reserve ratio in a Uniswap pool. This ratio can be temporarily and artificially inflated using a flash loan in the same transaction. If an attacker manipulates the pool reserves right before a bond product is created, the stored price is inflated, and the attacker can then deposit LP tokens to receive far more OLAS than the tokens are actually worth, draining the protocol's OLAS inflation budget.

highFxBaseChildTunnel.setFxRootTunnel Can Be Called by Anyone in PolygonTargetDispenserL2 v1

During the deployment of the Polygon bridge component, anyone can call a setup function before the legitimate operator does and set it to point to an attacker-controlled contract. Once set, all messages coming from Polygon's bridge are validated against this fake contract, allowing the attacker to forge staking messages and potentially drain OLAS tokens from the L2 dispenser.

mediumTokenomics.refundFromStaking() uses wrong access control check (depository instead of dispenser)

A copy-paste error in the access control check means the dispenser contract can never successfully return unused staking inflation back to the protocol. The check mistakenly compares against the depository address instead of the dispenser address. This permanently breaks the staking refund accounting, causing OLAS inflation to be mis-tracked over time.

24 Security Findings | 3 Code Quality | 2 Gas Optimizations

high(2)

medium(16)

low(6)

Code Quality Observations(3)

Gas Optimizations(2)

Decentralization

2 centralization points identified

One-step ownership transfer with no recovery if wrong address is set

Exploitation requires the owner to make a mistake (send to a wrong non-zero address). This is an admin operational risk, not an external attacker exploit path. Reported as a property the buyer should know about.

changeOwner()

TokenomicsProxy Fallback Has No Access Control — Any Call Is Delegated

The risk described is contingent on a compromised owner key. The proxy fallback behavior itself is standard and necessary. The absence of a timelock is a centralization concern about admin capabilities, not an independently triggerable vulnerability.

fallback()

Attack Chain Analysis

Flash Loan Bond Inflation via Spot Price Oraclehigh

An attacker first manipulates the UniswapV2 OLAS pool reserves using a flash loan to inflate the spot price (Finding: UniswapV2 Spot Price Used for Bond Payout Calculation Without TWAP). They then front-run or coordinate the owner's call to create a bond product, causing an inflated priceLP to be stored. With the broken refundFromStaking() accounting (Finding: Tokenomics.refundFromStaking() uses wrong access control check), any excess OLAS allocated to staking is never credited back, compounding the accounting error. The attacker deposits LP tokens against the inflated product to receive an outsized OLAS payout, draining the inflation budget while the staking shortfall goes unrecovered.

UniswapV2 Spot Price Used for Bond Payout Calculation Without TWAPTokenomics.refundFromStaking() uses wrong access control check (depository instead of dispenser)

Polygon Bridge Hijack via Unprotected Tunnel Setuphigh

The setFxRootTunnel function in PolygonTargetDispenserL2 v1 can be called by any address before the legitimate operator sets it (Finding: FxBaseChildTunnel.setFxRootTunnel Can Be Called by Anyone). Additionally, the setFxChildTunnel override in PolygonDepositProcessorL1 removes the once-only guard (Finding: FxBaseRootTunnel.setFxChildTunnel is public and can only be called once, but PolygonDepositProcessorL1 overrides it without the once-only check). An attacker who front-runs deployment to control the child tunnel address on L2 can send arbitrary staking data through the bridge, bypassing authentication entirely and causing the L2 dispenser to distribute OLAS to attacker-chosen targets.

FxBaseChildTunnel.setFxRootTunnel Can Be Called by Anyone in PolygonTargetDispenserL2 v1FxBaseRootTunnel.setFxChildTunnel is public and can only be called once, but PolygonDepositProcessorL1 overrides it without the once-only check

Agent Coverage

Agent	Status	Findings	Severity	Confidence	Duration	Coverage
reentrancy	failed	0		0%	52.2s	-
access control	success	7	4M2L	76%	1.2m	Access control on all owner/manager-gated functions, Initialization and re-initialization protection, Reentrancy patterns in Treasury, Dispenser, DefaultTargetDispenserL2, Signature authentication (none present - no ecrecover or permit), Delegatecall safety in TokenomicsProxy fallback, Cross-chain message authentication in all bridge processors, Bond redemption logic in Depository, Ownership transfer patterns, refundFromStaking access control bug, calculateStakingIncentives public non-view state mutation, PolygonDepositProcessorL1 setFxChildTunnel override, SameBlockNumberViolation griefing vector, Tokenomics initializeTokenomics re-initialization protection
economic	success	6	1H2M	79%	1.4m	Flash loan attack vectors in bond calculator and depository, Oracle manipulation via UniswapV2 spot price in getCurrentPriceLP, Staking reward manipulation in Tokenomics checkpoint and staking points, LP token pricing without TWAP in GenericBondCalculator, Reentrancy guards in Depository.deposit, Dispenser.claimOwnerIncentives, DefaultTargetDispenserL2._processData, Access control on all privileged functions across all contracts, Cross-contract composability in Treasury/Tokenomics/Depository/Dispenser system, Bridge message authentication in all deposit processor and target dispenser L2 contracts, Withheld amount accounting and syncWithheldAmount flows, Staking incentive calculation arithmetic in Dispenser.calculateStakingIncentives, Epoch checkpoint logic and maxBond/effectiveBond accounting in Tokenomics, Product closure and bond redemption logic in both Depository versions, TokenomicsProxy upgrade safety and implementation slot usage, Treasury ETH conservation invariants and minimum accepted ETH, Wormhole, Arbitrum, Optimism, Gnosis, Polygon bridge security patterns, MEV exposure in deposit/redeem flows, Integer overflow/underflow with uint96/uint32 type casts, Fee-on-transfer token risks in Treasury.depositTokenForOLAS, DonatorBlacklist integration in Tokenomics.trackServiceDonations, SameBlockNumberViolation guard against flash loan donation + checkpoint
logic validation	success	8	1H3M1L	80%	1.9m	Input validation across all major contracts (Depository, Treasury, Tokenomics, Dispenser), Arithmetic safety in Tokenomics checkpoint(), _finalizeIncentivesForUnitId(), staking incentive calculations, uint96/uint32 downcast truncation risks in bond/product storage, Reentrancy patterns in Treasury.depositServiceDonationsETH(), Dispenser.claimOwnerIncentives(), State machine integrity for product lifecycle (create/deposit/close/redeem), Array bounds in _distributeStakingIncentivesBatch batch processing loops, Tokenomics proxy delegatecall pattern and implementation slot, Bridge message authentication in DefaultDepositProcessorL1 and DefaultTargetDispenserL2, Cross-chain amount accounting (withheldAmount, transferAmount) in Dispenser, DoS vectors from unbounded loops in getPendingBonds, getActiveProducts, getBonds, Timestamp dependence in bond maturity checks and epoch length enforcement, Access control consistency across manager/owner role checks, refundFromStaking() error message bug (depository vs dispenser), retain() missing checkpointNominee call, Staking incentive double-accounting in checkpoint()
code quality	success	10		79%	1.9m	Reentrancy patterns in Depository, Treasury, Dispenser, DefaultTargetDispenserL2, Access control on all privileged functions, Integer overflow/underflow with uint96/uint32/uint160 downcasts, Bond product lifecycle logic (create, deposit, close, redeem), Cross-chain bridge message authentication in all L1/L2 processor contracts, Staking incentive calculation and distribution logic, Epoch checkpoint logic and inflation accounting, ERC20 transfer return value checking, Proxy storage slot correctness (PROXY_TOKENOMICS slot), Flash loan protection (lastDonationBlockNumber), Donator blacklist enforcement, Withheld amount synchronization across chains, Migration logic in DefaultTargetDispenserL2, Wormhole delivery hash replay protection
compiler bugs	success	4	2M	81%	1.3m	Reentrancy patterns across Depository, Dispenser, Treasury, DefaultTargetDispenserL2, Access control on all privileged functions (owner, manager, depository, dispenser roles), Bond product lifecycle: creation, deposit, redemption, closure in all Depository versions, Cross-chain message authentication in all bridge processor contracts (Arbitrum, Optimism, Gnosis, Polygon, Wormhole), Staking incentive calculation and refund logic in Tokenomics, Token transfer safety (return value checks, allowance checks), Integer overflow/underflow in packed struct fields (uint96, uint32, uint160), LP price calculation in GenericBondCalculator, Proxy upgrade pattern in TokenomicsProxy, Flash loan protection via lastDonationBlockNumber in Tokenomics.checkpoint(), Withheld amount synchronization between L1 and L2, Migration logic in DefaultTargetDispenserL2.migrate(), FxBaseChildTunnel and FxBaseRootTunnel authorization patterns, Wormhole delivery hash replay protection, Epoch checkpoint logic and year-boundary inflation calculations, Compiler bug patterns for pragma versions in range (^0.8.15, ^0.8.17, ^0.8.18, ^0.8.20, ^0.8.23, ^0.8.25)
assembly safety	success	7	1M1L	76%	1.3m	Complete codepoint-by-codepoint scan for non-ASCII characters (U+202E, zero-width joiners, Cyrillic homoglyphs) - none found, All assembly{} blocks examined: checkLP in GenericBondCalculator (5k gas call, benign), tokenomicsImplementation sload (named slot pattern), changeTokenomicsImplementation sstore (named slot pattern), TokenomicsProxy fallback delegatecall, checkpoint() sload of PROXY_TOKENOMICS, Assembly block safety: all assembly blocks use either named-slot storage patterns or standard delegatecall/returndata patterns, Yul shift operation ordering: no shl/shr/sar found in assembly blocks, Access control on all privileged functions across all contracts, Reentrancy patterns: Depository.deposit (no guard), Depository.redeem (no guard but CEI respected), Dispenser.claimOwnerIncentives (guarded), DefaultTargetDispenserL2._processData (guarded), Cross-contract trust assumptions in bridge processor chain, refundFromStaking access control bug in Tokenomics.sol, Token transfer return value checks in redeem functions, Staking incentive calculation logic in Dispenser, Treasury receive() minimum ETH enforcement, Bond product lifecycle management, Epoch checkpoint logic and timing constraints, WormholeTargetDispenserL2 immutable double-assignment, TokenomicsProxy delegatecall safety
l2 specific	success	10	2M2L	74%	1.8m	Depository bond creation and redemption logic across all versions, Treasury deposit and withdrawal functions including ETH and LP token handling, Tokenomics checkpoint and epoch management including year-change transitions, Dispenser staking incentive calculation and distribution, Cross-chain bridge contracts: Arbitrum, Optimism, Gnosis, Polygon, Wormhole deposit processors and target dispensers, L1-to-L2 message authentication and sender verification for all bridge implementations, Arbitrum ArbSys precompile usage and address aliasing, Optimism CrossDomainMessenger xDomainMessageSender() authentication pattern, GenericBondCalculator LP pricing mechanism and oracle manipulation risk, Reentrancy guards across all contracts, Access control patterns (owner, manager checks), Withheld amount sync mechanism and potential DoS via withheldAmount manipulation, Queued staking requests and redeem logic, Migration function in DefaultTargetDispenserL2, Polygon FxPortal tunnel integration, Wormhole token bridge integration and delivery hash replay prevention, TokenomicsProxy delegatecall and storage slot safety, Retainer mechanism in Dispenser for staking inflation return, Integer overflow/underflow in payout calculations, Product closure and supply tracking in Depository
upgrade	success	8	2M	77%	1.5m	Proxy pattern identification - TokenomicsProxy uses custom UUPS-like pattern with custom storage slot, Initialization safety - initializeTokenomics reinitialization guard, Missing disableInitializers on Tokenomics implementation contract, Access control for all privileged functions (owner, manager checks), Reentrancy in Depository.redeem, Dispenser.claimOwnerIncentives, DefaultTargetDispenserL2._processData, Storage layout of Tokenomics proxy vs implementation, Transfer return value checks in Depository and Treasury, Cross-chain bridge message authentication in all bridge contracts, Upgrade authorization in changeTokenomicsImplementation, Loop index variable bugs in batch distribution functions, Integer overflow/underflow in bond and product accounting, Flash loan protection (lastDonationBlockNumber check), Withheld amount overflow checks in Dispenser.syncWithheldAmount, Migration function safety in DefaultTargetDispenserL2

Failed Agents

reentrancyFailed

Invalid JSON in Claude response (stop_reason: end_turn, outputTokens: 2828)

How this affects your report: findings normally surfaced by this specialist are missing; overlapping coverage from other agents still applies.

Scope and Methodology

Target0xa9045436c194d0e36979a00b2ac5ccd6674fc888

ChainEthereum

Complexitymoderate

Analysis ModelClaude Sonnet 4.6

Specialist Agents10

Agent Types

reentrancyaccess controleconomiclogic validationcode qualitycompiler bugsassembly safetyl2 specificupgrade

Scope TemplateGeneral Smart Contract (auto-selected)

MethodologyAutomated multi-agent analysis. Each specialist agent independently reviews the contract source code for vulnerabilities in its domain. Findings are deduplicated, scored, and synthesized into this report.

Findings are gated by demonstrated exploit feasibility against the analyzed contract. Observations that describe accepted blockchain behavior, consensus-layer issues, or infeasible preconditions are excluded from scored findings. See scope policy.

Severity Classification

CriticalDirect loss of funds or complete protocol compromise. Exploitable with high likelihood. Requires immediate remediation.

HighSignificant risk to funds or protocol integrity. Conditionally exploitable or requires specific circumstances. Should be fixed before deployment.

MediumLimited or conditional impact. May require unlikely conditions to exploit. Should be addressed but not blocking.

LowMinor impact. Best practice deviations, minor inefficiencies. Fix when convenient.

InformationalNo direct security impact. Code quality observations, gas optimizations, style recommendations.

Limitations

This automated audit has inherent limitations. The following areas are not covered.

-Business logic correctness cannot be fully verified: the audit identifies code patterns that deviate from documented behavior, but cannot confirm whether the protocol's intended tokenomics model (epoch lengths, inflation schedules, bond pricing philosophy) is economically sound or achieves its stated goals.
-Off-chain component security is out of scope: the security of admin key management, keeper bots that call checkpoint(), bridge relayer infrastructure, and deployment scripts are not analyzed. A compromised owner key immediately enables upgrade hijacking with no on-chain protection.
-Economic modeling and tokenomics viability are not assessed: assumptions about OLAS demand, LP liquidity depth required to resist oracle manipulation, and the long-term sustainability of the bonding mechanism are outside the scope of this automated analysis.
-Cross-protocol composability risks beyond the analyzed contracts are not fully captured: interactions with external Uniswap V2 pools, Wormhole token bridge, Arbitrum ArbSys precompile, and Optimism CrossDomainMessenger rely on the continued correct behavior of those external systems, which are not analyzed here.
-Governance social dynamics are not modeled: the protocol's owner role is a single EOA or multisig whose behavior (voter participation, key rotation discipline, bribery resistance) cannot be evaluated by static analysis.
-The reentrancy agent reported a failure (status=failed, 0 findings). Reentrancy paths across Depository.deposit(), Treasury.depositServiceDonationsETH(), and DefaultTargetDispenserL2._processData() may not have been fully covered. Other agents noted reentrancy patterns in their coverage but the specialist agent result is absent.

Disclaimer

This report is an automated point-in-time assessment and does not guarantee protection against all possible attacks. It does not cover off-chain components, economic modeling, or business logic correctness unless explicitly noted. Changes to the contract after the audit commit are not reviewed. This is not financial or legal advice. WalletGuard, powered by Gestalt Labs, provides this analysis as-is with no warranty of completeness.

Embed Badge

Markdown

[![WalletGuard Audit](https://walletguard.ai/api/badge/07ffab53-5bd1-4ffe-b3f3-e019724f6c96)](https://walletguard.ai/audit/07ffab53-5bd1-4ffe-b3f3-e019724f6c96)

HTML

<a href="https://walletguard.ai/audit/07ffab53-5bd1-4ffe-b3f3-e019724f6c96">
  <img src="https://walletguard.ai/api/badge/07ffab53-5bd1-4ffe-b3f3-e019724f6c96" alt="WalletGuard Audit Badge" />
</a>

Secured by WalletGuard

How We Audit View all reports for this contractUID: 0xba4bb382...a4cfbfThis report was produced by generic vulnerability pattern matching.

Modelsonnet

Duration4.5m

CostN/A

Tokens- in / - out

Source verified via Etherscan