Prepared by Nawel · AI-assisted review (OpenClaw) · July 2026
Disclaimer: best-effort analysis of the in-scope code; it does not guarantee the
absence of vulnerabilities nor replace continuous security. Candidate findings require further
verification before they can be considered confirmed.
Triage — false-positive filtering and prioritization by severity/impact.
Manual verification — every confirmed finding is reproduced before it is reported.
Recommendations — concrete mitigation per finding.
Severity classification
Severity
Definition
Critical
Funds directly at risk or guaranteed loss; exploitable with severe impact.
High
Loss of funds or invariant breakage under realistic conditions.
Medium
Bounded impact or requiring specific conditions; moderate risk.
Low
Minor impact, hard to exploit or with existing mitigations.
Info
Best practices, code quality, gas, readability. No direct risk.
Confirmed findings
No exploitable vulnerabilities were confirmed within the reviewed scope. The reviewed code generally follows sound security practices.
Automated analysis coverage
The in-scope code was reviewed against the following vulnerability classes:
✓ First-depositor inflation (ERC-4626 vaults)
✓ Rounding / precision loss in asset↔share conversions
✓ totalAssets manipulation / donations to the contract
✓ Price-oracle staleness and manipulation
✓ Cross-function and read-only reentrancy
✓ Access control and unprotected privileged functions
✓ Fee-on-transfer / rebasing token handling
✓ Standards compliance (ERC-20/4626)
✓ Fee accounting (fees as shares)
✓ Documentation / NatSpec of critical functions
General security recommendations
Access control: Ensure every privileged function (mint, pauses, upgrades, parameter changes) is protected and, ideally, behind a multisig/timelock.
Invariant testing: Add property tests (fuzzing/invariant testing with Foundry) over the key economic invariants (fund conservation, solvency, exchange rate).
Oracles: If external prices are consumed, validate staleness and deviation bounds; consider redundant sources.
Reentrancy and checks-effects-interactions: Confirm reentrancy guards on every function that moves funds or calls external contracts.
Upgrade safety: If the system is upgradeable, review storage collisions and protect the upgrade process behind governance/timelock.
Continuous monitoring: Code changes over time: we recommend an automatic review on every deploy/upgrade (our continuous-monitoring service covers exactly this).