All Reports
TokenTable Merkle Distributor

TokenTable Merkle Distributor

2025-04-28
Download PDF
Critical0
High0
Medium1
Low1
Info2

About the Protocol

EVM merkle-proof-based token distribution contracts supporting ERC-20 and NFT claims.

Findings (4)

M-01MediumFixed

Incorrect Withdrawal Implementation May Lead to Lock of Unclaimed NFTs

Withdrawal logic may permanently lock unclaimed NFTs in the contract.

L-01LowFixed

Upgrade Permission for the Protocol Assigned to the Project Owner

Upgrade authority incorrectly assigned to the project owner.

I-01InfoAcknowledged

NFT Fee Handling is Incompatible with BIPS Type of Fees

NFT distribution fees cannot work with basis-point fee model.

I-02InfoAcknowledged

getClaimDelegate Function Not Blocked When Delegated Claiming is Disabled

Delegate query function remains accessible when delegation is disabled.

Ready to Secure Your Project?

Get a free 30-minute security assessment. We will review your codebase scope and flag the top 3 risk areas.

No commitment required. Typical audits start within 1–2 weeks.

audits@codespect.xyz