Security Audit Report

WalletGuard.ai, powered by Gestalt Labs

April 17, 2026

ID: 6d48c15f

0xc0e9...3e28EVMBench: 2024-07-munchablesv1View audit historyEthereumLive TargetCritical Risk

Verified on BaseVerify externally Prompt 0xd29afd...

Apr 17, 2026, 06:01

Standard AuditModel: Claude Sonnet 4.6

What you got

Tier: Standard ($29)
Model: Sonnet
Specialists completed: 9 of 9

Risk Level: Critical Risk

Efficiency

0C9H13M11L

33 security | 2 code quality | 4 gas

9 High: across 5 files

In-Scope Security Score Guide

8.0 - 10.0Low Risk. No critical issues. Safe for interaction.

5.0 - 7.9Moderate Risk. Some issues found. Review before interacting.

1.0 - 4.9High/Critical Risk. Significant vulnerabilities detected.

Score is based on 39 findings from 10 specialist agents.

Exploit Analysis

Findings selected for deep verification. Where possible we generated a Solidity proof-of-concept and executed it against a forked mainnet.

Architectural

Architectural Risk

low

ConfigStorage.notify() Calls All Notifiable Addresses On Every Set Operation

File: src/config/ConfigStorage.solFunction: notifyLines: 225-229

Why no PoC

Pattern, not single-tx exploit

Exploitability

8.8 / 10

Architectural Risk

low

LandManager._farmPlots loops over unbounded munchablesStaked array

File: src/managers/LandManager.solFunction: _farmPlotsLines: 201-253

Why no PoC

Pattern, not single-tx exploit

Exploitability

6.8 / 10

Executive Summary

The analyzed contract is part of a multi-component NFT gaming protocol (Munchables) involving land management, lock mechanisms, migration, rewards, and player account systems. The analysis identified 0 critical, 7 high, 12 medium, 9 low, and 5 informational findings across 39 total deduplicated submissions. The single most dangerous pattern is the pervasive incorrect StorageKey usage in LandManager combined with unbounded schnibble inflation via the NFTOracle role, which together can break all economic logic and allow unlimited in-game currency minting. Overall, the contract system is unsafe for production deployment in its current state; multiple high-severity logic errors would result in direct fund loss, permanent economic imbalance, and broken core gameplay mechanics.

Critical Highlights

highLandManager reads configuration values using wrong StorageKeys

The LandManager contract reads critical game parameters (tax rates, farming rates, plot prices) using the wrong lookup keys. Instead of reading numeric configuration values, it reads contract address slots, which typically return zero or garbage values. This means the farming economy is completely broken: tax rates will be wrong, plot count calculations will fail (likely reverting with a division-by-zero), and farming rewards will be incorrect for all players.

highremoveSpray Can Underflow Silently in unclaimedSchnibbles

The NFTOracle role can call the reward spray function an unlimited number of times with no cooldown or total cap. Because schnibbles convert into protocol points and ultimately into MunchTokens, a compromised or malicious NFTOracle key could mint an unlimited supply of game currency for any address, completely destroying the token economy.

highSnuggeryManager.pet calculates petterSchnibbles and pettedSchnibbles with extra 1e18 multiplication

Every time one player pets another, the schnibble reward is multiplied by 1e18 more than it should be. Since the base value already includes an 1e18 factor for precision, the result is astronomically large (roughly 6.3 followed by 34 zeros). Any player can pet another player once every 10 minutes to instantly accumulate enough schnibbles to max out their NFTs, rendering the entire progression system meaningless.

33 Security Findings | 2 Code Quality | 4 Gas Optimizations

high(9)

medium(13)

low(11)

Code Quality Observations(2)

Gas Optimizations(4)

Decentralization

2 centralization points identified

MigrationManager LOCAL_ADMIN is set in constructor and cannot be changed

Loss of the deployer key permanently disables all migration management functions with no recovery path; relevant as a property the buyer should know about.

constructor()

LockManager._lock does not enforce lockdrop has started before allowing locks

Locking outside the lockdrop window is permitted by design but yields no NFTs; users may be confused about receiving no NFTs, and the MigrationManager bypass is documented as intentional. This is a design property to disclose.

_lock()

Attack Chain Analysis

NFTOracle Schnibble Inflation to Token Drainhigh

The NFTOracle role can call rewardSpray repeatedly with no cap (Finding 31: removeSpray/rewardSpray unbounded inflation), crediting unlimited schnibbles to any address. Those schnibbles translate to protocol points via ClaimManager. The getRole/onlyRole confusion (Finding 32) may further allow an improperly configured role to bypass intended access controls on spray functions. Combined, a compromised or misconfigured NFTOracle key can inflate schnibbles for colluding players who then convert them to MunchTokens, effectively draining any token reserves allocated for point conversion.

removeSpray Can Underflow Silently in unclaimedSchnibblesgetRole Uses msg.sender Which Is ConfigStorage Itself When Called Via onlyRole Modifier

Pet Schnibble Overflow Enabling Instant NFT Max Progressionhigh

The extra 1e18 multiplication in SnuggeryManager.pet (Finding 16) gives astronomically large schnibble balances per pet action. The unrestricted rewardSpray (Finding 31) can further stack on top of this. A player who both exploits the pet bug and receives spray rewards can achieve maximum NFT chonk/level instantly, then convert points to tokens. The LandManager wrong StorageKey bug (Finding 4) may additionally cause division-by-zero on plot pricing, preventing admin intervention via reconfiguration.

SnuggeryManager.pet calculates petterSchnibbles and pettedSchnibbles with extra 1e18 multiplicationremoveSpray Can Underflow Silently in unclaimedSchnibblesLandManager reads configuration values using wrong StorageKeys

Unrestricted Yield Claim Enabling Reward Redirectionhigh

claimYieldForContracts and claimGasFeeForContracts have no access control (Finding 9), allowing any caller to trigger Blast yield claims for arbitrary contract addresses. Combined with reassignBlastGovernor having no access control (Finding 10), an attacker can first deploy a contract that reports RewardsManager as its governor, reassign that contract's governor to themselves, and then call claimYieldForContracts with their contract to redirect yield flows outside the protocol.

claimYieldForContracts and claimGasFeeForContracts lack access controlreassignBlastGovernor lacks access control and can be exploited

Agent Coverage

Agent	Status	Findings	Severity	Confidence	Duration	Coverage
reentrancy	success	8	1H3M2L	79%	1.5m	Classic reentrancy patterns (external call before state update) in all manager contracts, Cross-function reentrancy in LandManager._farmPlots and LockManager, ERC-777 callback reentrancy via token transfers in LockManager and MigrationManager, CEI pattern compliance in LockManager.lock, unlock, lockOnBehalf, CEI pattern compliance in MigrationManager.lockFundsForAllMigration and migratePurchasedNFTs, nonReentrant modifier placement and coverage in LockManager and MigrationManager, Read-only reentrancy via view functions (getLockedWeightedValue, getTotalChonk), Cross-contract state sharing between AccountManager, LandManager, LockManager, ERC-1155 callback patterns (not applicable - contract uses ERC-721), Flash loan callback patterns in RewardsManager, UUPS upgrade authorization in BaseConfigStorageUpgradeable, Access control on admin functions across all contracts, ConfigStorage notification mechanism and reentrancy through notify(), MigrationManager rescue function correctness, AccountManager spray proposal duplicate detection logic, LandManager configuration key mapping correctness
access control	success	10	2H2M	80%	1.8m	Access control on all public/external functions across all contracts, Initializer protection in upgradeable contracts (AccountManager, ClaimManager, LandManager, SnuggeryManager), Ownership and role patterns in ConfigStorage (Ownable), BaseConfigStorage (role-based modifiers), UUPS upgrade authorization via _authorizeUpgrade, Signature verification patterns (none found - no ecrecover usage), Delegatecall patterns (none found in custom code - only OZ proxy), Selfdestruct patterns (none found), tx.origin usage (none found for authorization), Reentrancy patterns in LockManager (ReentrancyGuard present), MigrationManager (ReentrancyGuard present), Storage collision in UUPS proxy pattern, Cross-contract authentication via onlyConfiguredContract modifiers, ConfigStorage key overloading/misuse in LandManager and AccountManager, MigrationManager rescue function correctness, RewardsManager yield claim access control, Mock contracts with unprotected state-modifying functions, Arithmetic safety (Solidity 0.8.x checked arithmetic), ERC20 transfer patterns in FundTreasuryDistributor and LockManager
economic	success	14	2H4M1L	77%	2.8m	Flash loan attack vectors - no token balance dependency for pricing found, Oracle manipulation - no external price feeds (Chainlink, Pyth, etc.) used; prices are set via multi-sig oracle role mechanism, LockManager USD price update mechanism - multi-sig with approve/disapprove thresholds, Governance attacks - no governance token or voting mechanism; role-based access, MEV/sandwich exposure - no DEX swaps in protocol, Reward calculation logic in AccountManager, ClaimManager, SnuggeryManager, Reentrancy - LockManager and MigrationManager use ReentrancyGuard correctly, Access control on all external functions, LandManager configuration loading (found wrong StorageKey usage), AccountManager LandManager address loading via PrimordialsEnabled, MigrationManager payment validation ordering, SnuggeryManager pet schnibble calculation, ClaimManager referral bonus inflation, ConfigStorage notify() gas concerns, UUPS upgrade authorization (onlyAdmin), Integer overflow/underflow (Solidity 0.8.x), Fee-on-transfer token handling in LockManager (SafeERC20 used), Flash loan guards on lock/unlock, Staking reward dilution - not applicable (continuous accrual model), LP token pricing - not applicable, Chainlink/Pyth/Chronicle oracle patterns - not used, L2 sequencer uptime - deployed on Ethereum mainnet (Chain ID 1)
logic validation	success	11	1H1M2L	76%	1.6m	Input validation and parameter bounds across all contracts, StorageKey usage consistency between ConfigStorage and consuming contracts, LandManager configuration loading with incorrect StorageKeys, AccountManager LandManager integration via PrimordialsEnabled key, FundTreasuryDistributor ETH amount validation in multi-bag scenarios, MigrationManager rescue function ERC20 transfer pattern, MigrationManager access control on migrateAllNFTs, SnuggeryManager pet schnibble calculation units, ClaimManager period points excess calculation, AccountManager spray proposal duplicate detection, LandManager _farmPlots loop bounds and gas consumption, RewardsManager unchecked access to claimYieldForContracts, Integer overflow/underflow in unchecked blocks, Reentrancy patterns in LockManager (protected by ReentrancyGuard), UUPS upgrade authorization, ConfigStorage notification DoS vector, removeSpray underflow protection
code quality	success	14		84%	2.7m	ERC-20 conformance (MunchToken, TestBlastERC20Token, TestERC20Token), ERC-721 conformance (MunchNFT, OldMunchNFT), UUPS upgrade safety (AccountManager, ClaimManager, SnuggeryManager, LandManager), Access control modifiers (onlyConfiguredContract, onlyRole, onlyAdmin, onlyLocalAdmin), Reentrancy guards (LockManager, MigrationManager), Integer overflow/underflow (Solidity 0.8.x checked arithmetic, explicit downcasts), Storage key misuse in LandManager._reconfigure, Cross-contract state consistency in LandManager._farmPlots, Payment validation ordering in MigrationManager.migratePurchasedNFTs, Spray proposal duplicate check mechanism, RewardsManager access control on yield/gas claim functions, ConfigStorage notify() gas griefing potential, Schnibbles precision and scale consistency, getSubAccounts pagination logic, rescue() function ERC20 transferFrom vs transfer, MunchNFT transfer hook ordering, ClaimManager period claim logic
compiler bugs	success	5	1H	87%	56.8s	StorageKey aliasing and misconfiguration in LandManager and AccountManager, Access control on all external/public functions, Arithmetic safety in schnibble accounting (removeSpray, feed), Migration flow ordering and ETH validation, Reentrancy in LockManager.lock/unlock (ReentrancyGuard present), UUPS upgrade authorization (_authorizeUpgrade requires onlyAdmin), ConfigStorage notification loop (DoS risk from notify() with many contracts), Schnibble spray proposal duplicate player check logic, Tax rate calculations in LandManager with incorrect constants, Compiler version 0.8.25 - no known critical solc bugs for this version, ABIEncoderV2 - not explicitly enabled, default in 0.8.x, no storage array return pattern matching the 0.4.7-0.5.9 bug, RewardsManager yield/gas claiming access control, MigrationManager ordering of validation vs state changes
assembly safety	success	12	1M2L	82%	2.1m	Full codepoint scan for non-ASCII characters, RTLO (U+202E), zero-width characters, and homoglyphs in all identifiers and strings, Assembly blocks - only one found in NFTOverlord._toUint256 (benign bytes32->uint256 cast), StorageKey misuse in LandManager._reconfigure() - reading address-typed keys as uint values, Access control on all public/external functions across all contracts, Reentrancy patterns in LockManager, MigrationManager (nonReentrant guards present), Integer overflow/underflow in schnibble arithmetic (Solidity 0.8.x checked math), ERC20 transfer safety (SafeERC20 usage vs raw transfer), UUPS upgrade authorization (onlyAdmin correctly applied), Oracle/price manipulation in LockManager USD price proposal flow, Flash loan attack surface (no flash loans used in protocol), Timestamp dependence in lock/harvest calculations, Checks-effects-interactions in exportMunchable, unlock, lockFundsForAllMigration, ETH value validation in FundTreasuryDistributor and migratePurchasedNFTs, Points emission logic in ClaimManager newPeriod and _claimPoints, ConfigStorage notification DoS potential, Migration data loading and sealing in MigrationManager, Sub-account management in AccountManager, Spray proposal duplicate detection logic
l2 specific	success	15	2L	77%	2.7m	LandManager configuration and StorageKey usage, AccountManager configuration, schnibble spray logic, and sub-account management, LockManager locking, unlocking, USD price oracle proposal flow, ClaimManager points distribution and period management, SnuggeryManager pet, feed, import/export operations, MigrationManager NFT migration, locking, burning, and rescue function, RewardsManager yield claiming and governor reassignment, BonusManager bonus calculations, NFTOverlord reveal and level-up logic, ConfigStorage notification mechanism and access control, MunchNFT transfer hooks and blacklisting, BaseBlastManager governor configuration, Cross-contract call patterns and CEI violations, Arithmetic overflow/underflow in schnibble calculations, Access control on all external functions, UUPS upgrade authorization, Storage key collision in upgradeable contracts
upgrade	success	14	2H2M2L	79%	2.9m	UUPS proxy pattern - _authorizeUpgrade access control in BaseConfigStorageUpgradeable, disableInitializers calls in all upgradeable contract constructors, Storage layout across inheritance chain for upgradeable contracts, Initialization risks - initialize() function access and re-entrancy, ConfigStorage role lookup mechanics and getRole vs getUniversalRole distinction, LandManager configuration loading with incorrect StorageKey usage, AccountManager schnibble spray functions and duplicate detection, ClaimManager points accounting and period management, LockManager token locking/unlocking with reentrancy guards, MigrationManager rescue function and migration payment flow, RewardsManager access control on yield claiming functions, RewardsManager governor reassignment without access control, SnuggeryManager chonk calculation and global state tracking, MunchNFT transfer hooks and blacklist enforcement, NFTOverlord reveal queue and RNG request handling, LandManager _farmPlots multi-landlord state update bug, Integer overflow/underflow in schnibble calculations, ERC-1967 implementation slot manipulation, Cross-contract reentrancy through accountManager.updatePlayer callbacks

Scope and Methodology

Target0xc0e9da8267260ea1e3a4125c173bb6c3ad443e28

ChainEthereum

Proxy Patternuups

Complexitycomplex

Standards DetectedERC20, ERC721, ERC721Enumerable, ERC721URIStorage

Analysis ModelClaude Sonnet 4.6

Specialist Agents10

Agent Types

reentrancyaccess controleconomiclogic validationcode qualitycompiler bugsassembly safetyl2 specificupgrade

Scope TemplateNFT/Marketplace (auto-selected)

MethodologyAutomated multi-agent analysis. Each specialist agent independently reviews the contract source code for vulnerabilities in its domain. Findings are deduplicated, scored, and synthesized into this report.

Findings are gated by demonstrated exploit feasibility against the analyzed contract. Observations that describe accepted blockchain behavior, consensus-layer issues, or infeasible preconditions are excluded from scored findings. See scope policy.

Severity Classification

CriticalDirect loss of funds or complete protocol compromise. Exploitable with high likelihood. Requires immediate remediation.

HighSignificant risk to funds or protocol integrity. Conditionally exploitable or requires specific circumstances. Should be fixed before deployment.

MediumLimited or conditional impact. May require unlikely conditions to exploit. Should be addressed but not blocking.

LowMinor impact. Best practice deviations, minor inefficiencies. Fix when convenient.

InformationalNo direct security impact. Code quality observations, gas optimizations, style recommendations.

Limitations

This automated audit has inherent limitations. The following areas are not covered.

-Business logic correctness: The audit matches code patterns against known vulnerability classes but cannot verify that schnibble emission rates, lock bonus schedules, tax rate ranges, or migration discount factors reflect the intended game design specification.
-Off-chain component security: Admin key management for the NFTOracle role, LOCAL_ADMIN deployer key, and multi-sig USD price proposal signers are outside scope. Compromise of these keys enables attacks not detectable through contract analysis alone.
-Economic modeling: The viability of the MunchToken conversion rate, the long-term sustainability of point-to-token redemption pools, and whether the schnibble economy balances under normal player behavior cannot be assessed through static analysis.
-Cross-protocol composability: Interactions with external Blast yield infrastructure, USDB/WETH token contracts, and any future integrations (DEX listings, bridge interactions) beyond what is directly called in the analyzed contracts are not covered.
-Governance social dynamics: The protocol relies on multi-sig role holders (Social_1 through Social_3, NFTOracle, ClaimYield) behaving honestly. Collusion between key holders, bribery, or social engineering of role assignees cannot be detected by contract analysis.
-Upgrade safety over time: While UUPS upgrade authorization is verified for current contracts, future implementation upgrades may introduce storage layout collisions or logic regressions that are not detectable against the current codebase snapshot.

Disclaimer

This report is an automated point-in-time assessment and does not guarantee protection against all possible attacks. It does not cover off-chain components, economic modeling, or business logic correctness unless explicitly noted. Changes to the contract after the audit commit are not reviewed. This is not financial or legal advice. WalletGuard, powered by Gestalt Labs, provides this analysis as-is with no warranty of completeness.

Embed Badge

Markdown

[![WalletGuard Audit](https://walletguard.ai/api/badge/6d48c15f-9a96-4cd4-8417-f6a72e7493e9)](https://walletguard.ai/audit/6d48c15f-9a96-4cd4-8417-f6a72e7493e9)

HTML

<a href="https://walletguard.ai/audit/6d48c15f-9a96-4cd4-8417-f6a72e7493e9">
  <img src="https://walletguard.ai/api/badge/6d48c15f-9a96-4cd4-8417-f6a72e7493e9" alt="WalletGuard Audit Badge" />
</a>

Secured by WalletGuard

How We Audit View all reports for this contractUID: 0xbd9b6fca...ec0c81This report was produced by generic vulnerability pattern matching.

Modelsonnet

Duration6.3m

CostN/A

Tokens- in / - out

Source verified via Etherscan