Swap Coffee TON DEX

Findings · 7

1. 1 Token minting vulnerability in LP token notification handling High
2. 2 Incorrect logical operator in reserve ratio validation allows out-of-range ratios Medium
3. 3 Single-step upgrades and ownership changes Low
4. 4 Malformed admin update data High
5. 5 Spoofable transaction initiator allows unauthorized creation of stable pools Low
6. 6 Arbitrary messages can be executed via vault notification messages High
7. 7 Incorrect message value accounting Informational

Findings extracted from the published report PDF. See the full report below for details and remediation.