All Reports
TokenTable Solana Unlocker V2 Follow-Up

TokenTable Solana Unlocker V2 Follow-Up

2025-04-16
Download PDF
Critical0
High0
Medium0
Low3
Info5

About the Protocol

Follow-up audit of the Solana Unlocker V2 and Fee Collector programs after initial remediation.

Findings (8)

L-01LowFixed

Rent is refunded to the wrong address when pending_amount_claimable account is closed

Account closure sends rent to incorrect recipient.

L-02LowFixed

The _preset_is_empty function should not consider num_of_unlocks_for_each_linear

Empty preset check incorrectly considers streaming-related fields.

L-03LowFixed

Creation of pending_amount_claimable_for_cancelled_actuals account may lead to rent loss

Account creation can result in unrecoverable rent when balance is zero.

I-01InfoFixed

Allow the fee_collector to be set arbitrarily during initialization

Fee collector can be set to arbitrary address when init_fee_account is false.

I-02InfoFixed

Changing the fee_collector to a different program will cause instructions to fail

Switching fee collector programs breaks existing instructions.

Ready to Secure Your Project?

Let's discuss your project and ensure your security!