Gensyn Buyback-and-Burn Vault

Type

Security review

Client

Gensyn

Date

2026-04

Domain

Blockchain

Effort

1 wk

Section

Ethereum/EVM

Trail of Bits's security review of Gensyn (Apr 2026) identified 4 issues: 3 low, and 1 informational.

Findings · 4

1 ETH and WETH epoch volume limits are tracked independently, allowing double the intended volume Low
2 Changing aiToken silently invalidates all approved paths and leaves stale path state Low
3 Approved path pools are not validated against the Uniswap V3 factory Low
4 Invariant test suite has no effective buyback coverage due to ghost variable underflow Informational

Findings extracted from the published report PDF. See the full report below for details and remediation.

Open the PDF ↗