Franklin Templeton BenjiSwap Differential Review

Findings · 7

1. 1 depositFrom and swapFrom allow the owner to pull tokens from any user with an active swap approval Medium
2. 2 Fee-on-transfer tokens allowlisted for inbound swaps become trapped in the treasury Medium
3. 3 minAmountInByPair uses a direction-independent hash, preventing per-direction minimum swap amounts Low
4. 4 Custody-altering functions setTreasury and setTokenHeldInContract do not require the contract to be paused Low
5. 5 Stale pendingTreasury survives custody mode migration, allowing unilateral treasury injection Low
6. 6 swapFrom reimplements core swap logic with multiple behavioral divergences from _executeSwap Informational
7. 7 Destination override approvals are self-granted, making amount and deadline limits unenforceable Informational

Findings extracted from the published report PDF. See the full report below for details and remediation.