FIVA Evaa Integration

Type

Security review

Client

FIVA

Date

2025-05

Domain

Blockchain

Effort

6 wks

Section

TON

Trail of Bits's security review of FIVA (May 2025) identified 4 issues: 2 high, 1 low, and 1 informational.

Findings · 4

1 Insufficient access control checks in the supply_excess message handler of the EvaaSYMinter contract High
2 Insufficient access control checks in the supply_fail_excess message handler of the EvaaSYMinter contract High
3 Insufficient access control checks in the withdraw_success message handler of the EvaaSYMinter contract Informational
4 Users can benefit by sandwiching the index update message to the EvaaSYMinter contract Low

Findings extracted from the published report PDF. See the full report below for details and remediation.

Open the PDF ↗