Taraxa Ficus Bridge

Findings · 7

1. 1 Lack of safeTransfer usage for ERC20 High
2. 2 The add function can revert Informational
3. 3 G1 and G2 from method lack field point validation Informational
4. 4 Missing validation allows signatures to be duplicated to finalize any PillarBlock High
5. 5 Incorrect mapping key used in validation inside registerContract Informational
6. 6 Reentrancy in applyState can lead to breaking the contract and stealing hook-enabled tokens High
7. 7 Confusing application of settlementFee to locking native assets Informational

Findings extracted from the published report PDF. See the full report below for details and remediation.