archon.audit.report
100.0
Mantle Mainnet
risk:100
verified
Feedback #21
For agent 97 on Mantle Mainnet · 2026-06-18
From
via
https://archonaudit.xyz/app/proofs
Block
tx ↗
#96834352
Off-chain feedback document
raw JSON
{
"chain": {
"name": "Mantle Mainnet",
"chainId": 5000
},
"report": {
"id": "53a4635d-da98-4cb4-b77b-351ff481b947",
"scope": {
"pragma": "^0.8.24",
"network": "mantle-mainnet",
"lineCount": 67,
"protocols": [
"mETH",
"cmETH",
"USDY",
"Aave V3",
"Merchant Moe",
"Agni"
],
"sourceKind": "paste",
"aiReasoning": {
"hits": 0,
"total": 21,
"misses": 21,
"batches": 11,
"reasons": {},
"skipped": 0,
"enriched": 21,
"provider": "tokenhub",
"timeoutMs": 75000,
"fallbackCount": 0,
"providersUsed": [
"Tencent Cloud TokenHub (deepseek-v4-pro)",
"OpenAI (gpt-4o-mini)"
]
},
"reducedMode": null,
"solcVersion": "0.8.24",
"gasOptimizer": {
"pricing": {
"mode": "calibrated-receipts",
"pricedAt": "2026-06-18T16:07:27.018Z",
"l2GasPriceWei": "50000100000",
"deployDataFeeMnt": "0.00936577625075224",
"deployDataFeeWei": "9365776250752240",
"calldataZeroBytes": 608,
"calibrationErrorPct": 0,
"calldataGasEstimate": 37184,
"calldataNonZeroBytes": 2172,
"creationBytecodeBytes": 2780
},
"daPricing": {
"model": {
"mode": "calibrated-receipts",
"samples": [
{
"txHash": "0x82d99588e5f1bff33d618743025d598445493032637de25844a67aa8e88088ef",
"l1FeeWei": "699231354481640",
"l1GasUsed": "2530",
"zeroBytes": 135,
"l1GasPrice": "538782662",
"totalBytes": 228,
"blobGasUsed": "63200",
"blockNumber": "96205628",
"nonZeroBytes": 93,
"l1BlobBaseFee": "330004069609410902",
"l1BaseFeeScalar": "169019",
"operatorFeeScalar": "100000000",
"calldataGasEstimate": 2028,
"l1BlobBaseFeeScalar": "0",
"operatorFeeConstant": "0",
"daFootprintGasScalar": "400"
},
{
"txHash": "0xb9ce87de86b212b91eb64012bbdab91014373da1f6d960470b340e1991a1a7c5",
"l1FeeWei": "6874261528561290",
"l1GasUsed": "22258",
"zeroBytes": 28,
"l1GasPrice": "603039864",
"totalBytes": 1945,
"blobGasUsed": "556400",
"blockNumber": "96205472",
"nonZeroBytes": 1917,
"l1BlobBaseFee": "321479049246759320",
"l1BaseFeeScalar": "169019",
"operatorFeeScalar": "100000000",
"calldataGasEstimate": 30784,
"l1BlobBaseFeeScalar": "0",
"operatorFeeConstant": "0",
"daFootprintGasScalar": "400"
}
],
"validation": [
{
"txHash": "0x82d99588e5f1bff33d618743025d598445493032637de25844a67aa8e88088ef",
"errorPct": 0,
"actualL1FeeWei": "699231354481640",
"predictedL1FeeWei": "699231354481572"
},
{
"txHash": "0xb9ce87de86b212b91eb64012bbdab91014373da1f6d960470b340e1991a1a7c5",
"errorPct": 0,
"actualL1FeeWei": "6874261528561290",
"predictedL1FeeWei": "6874261528560500"
}
],
"sampleCount": 2,
"zeroByteFeeWei": "2736708878864",
"nonZeroByteFeeWei": "3545974793924",
"maxValidationErrorPct": 0,
"meanValidationErrorPct": 0
},
"source": "receipt-calibrated",
"groundTruthField": "l1Fee"
},
"sourceHash": "0xa89b94f1a6246a4a49d0a2c9405dbbcfc4de848bec05caaa8d2b029f0ca8b47e",
"measurement": {
"forge": {
"ok": false,
"error": "Error (7576): Undeclared identifier.",
"command": "forge test --gas-report",
"attempted": true,
"gasReport": null
},
"source": "deterministic-estimate",
"status": "degraded",
"patches": [
{
"note": "Review-only patch is not auto-applied for measurement.",
"after": "Use the smallest ABI-safe integer width only when the domain is bounded and documented.",
"before": "function supply(address asset, uint256 amount, address onBehalfOf, uint16 referralCode) external;",
"ruleId": "calldata-smaller-types",
"safety": "review",
"status": "skipped",
"l2GasDelta": null,
"l1DaDeltaWei": null
},
{
"note": "Review-only patch is not auto-applied for measurement.",
"after": "Use the smallest ABI-safe integer width only when the domain is bounded and documented.",
"before": "function withdraw(address asset, uint256 amount, address to) external returns (uint256);",
"ruleId": "calldata-smaller-types",
"safety": "review",
"status": "skipped",
"l2GasDelta": null,
"l1DaDeltaWei": null
},
{
"note": "Review-only patch is not auto-applied for measurement.",
"after": "Use the smallest ABI-safe integer width only when the domain is bounded and documented.",
"before": "function borrow(address asset, uint256 amount, uint256 interestRateMode, uint16 referralCode, address onBehalfOf) external;",
"ruleId": "calldata-smaller-types",
"safety": "review",
"status": "skipped",
"l2GasDelta": null,
"l1DaDeltaWei": null
},
{
"note": "Review-only patch is not auto-applied for measurement.",
"after": "Use the smallest ABI-safe integer width only when the domain is bounded and documented.",
"before": "function repay(address asset, uint256 amount, uint256 interestRateMode, address onBehalfOf) external returns (uint256);",
"ruleId": "calldata-smaller-types",
"safety": "review",
"status": "skipped",
"l2GasDelta": null,
"l1DaDeltaWei": null
},
{
"note": "Review-only patch is not auto-applied for measurement.",
"after": "Use the smallest ABI-safe integer width only when the domain is bounded and documented.",
"before": "function withdraw(uint256 amount) external;",
"ruleId": "calldata-smaller-types",
"safety": "review",
"status": "skipped",
"l2GasDelta": null,
"l1DaDeltaWei": null
},
{
"note": "Review-only patch is not auto-applied for measurement.",
"after": "Use the smallest ABI-safe integer width only when the domain is bounded and documented.",
"before": "function approve(address spender, uint256 amount) external returns (bool);",
"ruleId": "calldata-smaller-types",
"safety": "review",
"status": "skipped",
"l2GasDelta": null,
"l1DaDeltaWei": null
},
{
"note": "Review-only patch is not auto-applied for measurement.",
"after": "Use the smallest ABI-safe integer width only when the domain is bounded and documented.",
"before": "function transferFrom(address from, address to, uint256 amount) external returns (bool);",
"ruleId": "calldata-smaller-types",
"safety": "review",
"status": "skipped",
"l2GasDelta": null,
"l1DaDeltaWei": null
},
{
"note": "Review-only patch is not auto-applied for measurement.",
"after": "Use the smallest ABI-safe integer width only when the domain is bounded and documented.",
"before": "function withdrawETH(uint256 amount, address to) external {",
"ruleId": "calldata-smaller-types",
"safety": "review",
"status": "skipped",
"l2GasDelta": null,
"l1DaDeltaWei": null
},
{
"note": "Review-only patch is not auto-applied for measurement.",
"after": "Use the smallest ABI-safe integer width only when the domain is bounded and documented.",
"before": "function borrowETH(uint256 amount, uint256 interestRateMode, uint16 referralCode) external {",
"ruleId": "calldata-smaller-types",
"safety": "review",
"status": "skipped",
"l2GasDelta": null,
"l1DaDeltaWei": null
},
{
"note": "Review-only patch is not auto-applied for measurement.",
"after": "Use the smallest ABI-safe integer width only when the domain is bounded and documented.",
"before": "function repayETH(uint256 amount, uint256 interestRateMode, address onBehalfOf) external payable {",
"ruleId": "calldata-smaller-types",
"safety": "review",
"status": "skipped",
"l2GasDelta": null,
"l1DaDeltaWei": null
},
{
"note": "Foundry measurement unavailable; deterministic rule estimate retained and clearly labeled.",
"after": "error INSUFFICIENTMSGVALUE(); … if (!(condition)) revert INSUFFICIENTMSGVALUE();",
"before": "require(msg.value >= amount, \"INSUFFICIENT_MSG_VALUE\");",
"ruleId": "custom-errors",
"safety": "safe",
"status": "estimated",
"l2GasDelta": 120,
"l1DaDeltaWei": null
}
],
"version": "archon.gasMeasurement.v1",
"measuredAt": "2026-06-18T16:07:27.305Z",
"rulesetHash": "24bebf2f9dbcdabd67c113fafae602c55dd75c2246ad20666c7263fe870f7b8d",
"contractHash": "a89b94f1a6246a4a49d0a2c9405dbbcfc4de848bec05caaa8d2b029f0ca8b47e"
},
"opportunities": [
{
"id": "calldata-smaller-types",
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"after": "Use the smallest ABI-safe integer width only when the domain is bounded and documented.",
"patch": {
"newText": " function supply(address asset, uint256 amount, address onBehalfOf, uint16 referralCode) external; // REVIEW: bounded calldata params may be packable/smaller in structs or encoded batches",
"oldText": " function supply(address asset, uint256 amount, address onBehalfOf, uint16 referralCode) external;"
},
"title": "Review calldata parameter width",
"where": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol:8",
"before": "function supply(address asset, uint256 amount, address onBehalfOf, uint16 referralCode) external;",
"safety": "review",
"newText": " function supply(address asset, uint256 amount, address onBehalfOf, uint16 referralCode) external; // REVIEW: bounded calldata params may be packable/smaller in structs or encoded batches",
"oldText": " function supply(address asset, uint256 amount, address onBehalfOf, uint16 referralCode) external;",
"category": "calldata",
"severity": "low",
"lineStart": 8,
"rationale": "For individual ABI params uint256 still occupies a full word, but bounded types help packed structs/batches and prevent redundant calldata.",
"confidence": 0.55,
"estL1Delta": 16,
"estL2Delta": null,
"annualizedBasis": "Receipt-calibrated DA estimate for calldata/data bytes; exact deltas require V2.1.2 harness measurement.",
"estimatedGasSaved": null,
"estimatedDataBytesSaved": 16
},
{
"id": "calldata-smaller-types",
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"after": "Use the smallest ABI-safe integer width only when the domain is bounded and documented.",
"patch": {
"newText": " function withdraw(address asset, uint256 amount, address to) external returns (uint256); // REVIEW: bounded calldata params may be packable/smaller in structs or encoded batches",
"oldText": " function withdraw(address asset, uint256 amount, address to) external returns (uint256);"
},
"title": "Review calldata parameter width",
"where": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol:9",
"before": "function withdraw(address asset, uint256 amount, address to) external returns (uint256);",
"safety": "review",
"newText": " function withdraw(address asset, uint256 amount, address to) external returns (uint256); // REVIEW: bounded calldata params may be packable/smaller in structs or encoded batches",
"oldText": " function withdraw(address asset, uint256 amount, address to) external returns (uint256);",
"category": "calldata",
"severity": "low",
"lineStart": 9,
"rationale": "For individual ABI params uint256 still occupies a full word, but bounded types help packed structs/batches and prevent redundant calldata.",
"confidence": 0.55,
"estL1Delta": 16,
"estL2Delta": null,
"annualizedBasis": "Receipt-calibrated DA estimate for calldata/data bytes; exact deltas require V2.1.2 harness measurement.",
"estimatedGasSaved": null,
"estimatedDataBytesSaved": 16
},
{
"id": "calldata-smaller-types",
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"after": "Use the smallest ABI-safe integer width only when the domain is bounded and documented.",
"patch": {
"newText": " function borrow(address asset, uint256 amount, uint256 interestRateMode, uint16 referralCode, address onBehalfOf) external; // REVIEW: bounded calldata params may be packable/smaller in structs or encoded batches",
"oldText": " function borrow(address asset, uint256 amount, uint256 interestRateMode, uint16 referralCode, address onBehalfOf) external;"
},
"title": "Review calldata parameter width",
"where": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol:10",
"before": "function borrow(address asset, uint256 amount, uint256 interestRateMode, uint16 referralCode, address onBehalfOf) external;",
"safety": "review",
"newText": " function borrow(address asset, uint256 amount, uint256 interestRateMode, uint16 referralCode, address onBehalfOf) external; // REVIEW: bounded calldata params may be packable/smaller in structs or encoded batches",
"oldText": " function borrow(address asset, uint256 amount, uint256 interestRateMode, uint16 referralCode, address onBehalfOf) external;",
"category": "calldata",
"severity": "low",
"lineStart": 10,
"rationale": "For individual ABI params uint256 still occupies a full word, but bounded types help packed structs/batches and prevent redundant calldata.",
"confidence": 0.55,
"estL1Delta": 16,
"estL2Delta": null,
"annualizedBasis": "Receipt-calibrated DA estimate for calldata/data bytes; exact deltas require V2.1.2 harness measurement.",
"estimatedGasSaved": null,
"estimatedDataBytesSaved": 16
},
{
"id": "calldata-smaller-types",
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"after": "Use the smallest ABI-safe integer width only when the domain is bounded and documented.",
"patch": {
"newText": " function repay(address asset, uint256 amount, uint256 interestRateMode, address onBehalfOf) external returns (uint256); // REVIEW: bounded calldata params may be packable/smaller in structs or encoded batches",
"oldText": " function repay(address asset, uint256 amount, uint256 interestRateMode, address onBehalfOf) external returns (uint256);"
},
"title": "Review calldata parameter width",
"where": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol:11",
"before": "function repay(address asset, uint256 amount, uint256 interestRateMode, address onBehalfOf) external returns (uint256);",
"safety": "review",
"newText": " function repay(address asset, uint256 amount, uint256 interestRateMode, address onBehalfOf) external returns (uint256); // REVIEW: bounded calldata params may be packable/smaller in structs or encoded batches",
"oldText": " function repay(address asset, uint256 amount, uint256 interestRateMode, address onBehalfOf) external returns (uint256);",
"category": "calldata",
"severity": "low",
"lineStart": 11,
"rationale": "For individual ABI params uint256 still occupies a full word, but bounded types help packed structs/batches and prevent redundant calldata.",
"confidence": 0.55,
"estL1Delta": 16,
"estL2Delta": null,
"annualizedBasis": "Receipt-calibrated DA estimate for calldata/data bytes; exact deltas require V2.1.2 harness measurement.",
"estimatedGasSaved": null,
"estimatedDataBytesSaved": 16
},
{
"id": "calldata-smaller-types",
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"after": "Use the smallest ABI-safe integer width only when the domain is bounded and documented.",
"patch": {
"newText": " function withdraw(uint256 amount) external; // REVIEW: bounded calldata params may be packable/smaller in structs or encoded batches",
"oldText": " function withdraw(uint256 amount) external;"
},
"title": "Review calldata parameter width",
"where": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol:16",
"before": "function withdraw(uint256 amount) external;",
"safety": "review",
"newText": " function withdraw(uint256 amount) external; // REVIEW: bounded calldata params may be packable/smaller in structs or encoded batches",
"oldText": " function withdraw(uint256 amount) external;",
"category": "calldata",
"severity": "low",
"lineStart": 16,
"rationale": "For individual ABI params uint256 still occupies a full word, but bounded types help packed structs/batches and prevent redundant calldata.",
"confidence": 0.55,
"estL1Delta": 16,
"estL2Delta": null,
"annualizedBasis": "Receipt-calibrated DA estimate for calldata/data bytes; exact deltas require V2.1.2 harness measurement.",
"estimatedGasSaved": null,
"estimatedDataBytesSaved": 16
},
{
"id": "calldata-smaller-types",
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"after": "Use the smallest ABI-safe integer width only when the domain is bounded and documented.",
"patch": {
"newText": " function approve(address spender, uint256 amount) external returns (bool); // REVIEW: bounded calldata params may be packable/smaller in structs or encoded batches",
"oldText": " function approve(address spender, uint256 amount) external returns (bool);"
},
"title": "Review calldata parameter width",
"where": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol:17",
"before": "function approve(address spender, uint256 amount) external returns (bool);",
"safety": "review",
"newText": " function approve(address spender, uint256 amount) external returns (bool); // REVIEW: bounded calldata params may be packable/smaller in structs or encoded batches",
"oldText": " function approve(address spender, uint256 amount) external returns (bool);",
"category": "calldata",
"severity": "low",
"lineStart": 17,
"rationale": "For individual ABI params uint256 still occupies a full word, but bounded types help packed structs/batches and prevent redundant calldata.",
"confidence": 0.55,
"estL1Delta": 16,
"estL2Delta": null,
"annualizedBasis": "Receipt-calibrated DA estimate for calldata/data bytes; exact deltas require V2.1.2 harness measurement.",
"estimatedGasSaved": null,
"estimatedDataBytesSaved": 16
},
{
"id": "calldata-smaller-types",
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"after": "Use the smallest ABI-safe integer width only when the domain is bounded and documented.",
"patch": {
"newText": " function transferFrom(address from, address to, uint256 amount) external returns (bool); // REVIEW: bounded calldata params may be packable/smaller in structs or encoded batches",
"oldText": " function transferFrom(address from, address to, uint256 amount) external returns (bool);"
},
"title": "Review calldata parameter width",
"where": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol:18",
"before": "function transferFrom(address from, address to, uint256 amount) external returns (bool);",
"safety": "review",
"newText": " function transferFrom(address from, address to, uint256 amount) external returns (bool); // REVIEW: bounded calldata params may be packable/smaller in structs or encoded batches",
"oldText": " function transferFrom(address from, address to, uint256 amount) external returns (bool);",
"category": "calldata",
"severity": "low",
"lineStart": 18,
"rationale": "For individual ABI params uint256 still occupies a full word, but bounded types help packed structs/batches and prevent redundant calldata.",
"confidence": 0.55,
"estL1Delta": 16,
"estL2Delta": null,
"annualizedBasis": "Receipt-calibrated DA estimate for calldata/data bytes; exact deltas require V2.1.2 harness measurement.",
"estimatedGasSaved": null,
"estimatedDataBytesSaved": 16
},
{
"id": "calldata-smaller-types",
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"after": "Use the smallest ABI-safe integer width only when the domain is bounded and documented.",
"patch": {
"newText": " function withdrawETH(uint256 amount, address to) external { // REVIEW: bounded calldata params may be packable/smaller in structs or encoded batches",
"oldText": " function withdrawETH(uint256 amount, address to) external {"
},
"title": "Review calldata parameter width",
"where": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol:39",
"before": "function withdrawETH(uint256 amount, address to) external {",
"safety": "review",
"newText": " function withdrawETH(uint256 amount, address to) external { // REVIEW: bounded calldata params may be packable/smaller in structs or encoded batches",
"oldText": " function withdrawETH(uint256 amount, address to) external {",
"category": "calldata",
"severity": "low",
"lineStart": 39,
"rationale": "For individual ABI params uint256 still occupies a full word, but bounded types help packed structs/batches and prevent redundant calldata.",
"confidence": 0.55,
"estL1Delta": 16,
"estL2Delta": null,
"annualizedBasis": "Receipt-calibrated DA estimate for calldata/data bytes; exact deltas require V2.1.2 harness measurement.",
"estimatedGasSaved": null,
"estimatedDataBytesSaved": 16
},
{
"id": "calldata-smaller-types",
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"after": "Use the smallest ABI-safe integer width only when the domain is bounded and documented.",
"patch": {
"newText": " function borrowETH(uint256 amount, uint256 interestRateMode, uint16 referralCode) external { // REVIEW: bounded calldata params may be packable/smaller in structs or encoded batches",
"oldText": " function borrowETH(uint256 amount, uint256 interestRateMode, uint16 referralCode) external {"
},
"title": "Review calldata parameter width",
"where": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol:47",
"before": "function borrowETH(uint256 amount, uint256 interestRateMode, uint16 referralCode) external {",
"safety": "review",
"newText": " function borrowETH(uint256 amount, uint256 interestRateMode, uint16 referralCode) external { // REVIEW: bounded calldata params may be packable/smaller in structs or encoded batches",
"oldText": " function borrowETH(uint256 amount, uint256 interestRateMode, uint16 referralCode) external {",
"category": "calldata",
"severity": "low",
"lineStart": 47,
"rationale": "For individual ABI params uint256 still occupies a full word, but bounded types help packed structs/batches and prevent redundant calldata.",
"confidence": 0.55,
"estL1Delta": 16,
"estL2Delta": null,
"annualizedBasis": "Receipt-calibrated DA estimate for calldata/data bytes; exact deltas require V2.1.2 harness measurement.",
"estimatedGasSaved": null,
"estimatedDataBytesSaved": 16
},
{
"id": "calldata-smaller-types",
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"after": "Use the smallest ABI-safe integer width only when the domain is bounded and documented.",
"patch": {
"newText": " function repayETH(uint256 amount, uint256 interestRateMode, address onBehalfOf) external payable { // REVIEW: bounded calldata params may be packable/smaller in structs or encoded batches",
"oldText": " function repayETH(uint256 amount, uint256 interestRateMode, address onBehalfOf) external payable {"
},
"title": "Review calldata parameter width",
"where": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol:55",
"before": "function repayETH(uint256 amount, uint256 interestRateMode, address onBehalfOf) external payable {",
"safety": "review",
"newText": " function repayETH(uint256 amount, uint256 interestRateMode, address onBehalfOf) external payable { // REVIEW: bounded calldata params may be packable/smaller in structs or encoded batches",
"oldText": " function repayETH(uint256 amount, uint256 interestRateMode, address onBehalfOf) external payable {",
"category": "calldata",
"severity": "low",
"lineStart": 55,
"rationale": "For individual ABI params uint256 still occupies a full word, but bounded types help packed structs/batches and prevent redundant calldata.",
"confidence": 0.55,
"estL1Delta": 16,
"estL2Delta": null,
"annualizedBasis": "Receipt-calibrated DA estimate for calldata/data bytes; exact deltas require V2.1.2 harness measurement.",
"estimatedGasSaved": null,
"estimatedDataBytesSaved": 16
},
{
"id": "custom-errors",
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"after": "error INSUFFICIENTMSGVALUE(); … if (!(condition)) revert INSUFFICIENTMSGVALUE();",
"patch": {
"newText": " if (!(msg.value >= amount)) revert INSUFFICIENTMSGVALUE();",
"oldText": " require(msg.value >= amount, \"INSUFFICIENT_MSG_VALUE\");"
},
"title": "Replace long revert string with custom error",
"where": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol:56",
"before": "require(msg.value >= amount, \"INSUFFICIENT_MSG_VALUE\");",
"safety": "safe",
"newText": " if (!(msg.value >= amount)) revert INSUFFICIENTMSGVALUE();",
"oldText": " require(msg.value >= amount, \"INSUFFICIENT_MSG_VALUE\");",
"category": "deployment",
"severity": "info",
"lineStart": 56,
"rationale": "Custom errors reduce deployment bytecode and revert-path gas while preserving typed failure semantics.",
"confidence": 0.9,
"estL1Delta": 22,
"estL2Delta": 120,
"annualizedBasis": "Static deterministic estimate. Exact runtime deltas require queued Foundry snapshots with representative inputs.",
"estimatedGasSaved": 120,
"estimatedDataBytesSaved": 22
}
]
}
},
"scanId": "62419290-c0ff-44c3-be62-cbf93cd5977f",
"createdAt": "2026-06-18T16:09:17.531Z",
"riskScore": 100,
"contractName": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_",
"severityCounts": {
"low": 12,
"high": 3,
"info": 4,
"medium": 2,
"critical": 0
},
"executiveSummary": "Archon completed a read-only Mantle Mainnet audit of AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_ and found 21 deterministic findings. The highest-priority issue is Arbitrary Send Eth, with risk score 100/100 based on severity-weighted findings. The repayETH function sends excess ETH back to msg.sender using transfer, but if msg.sender is a contract that does not implement a payable fallback or has a high gas requirement, the transfer can fail, locking funds. Additionally, using transfer instead of a low-level call like call{value} limits forward gas to 2300, which may not be sufficient for complex receivers and can cause permanent loss of refunds. Review the recommended fixes and run regression tests before deployment."
},
"schema": "archon.proof.metadata.v1",
"erc8004": {
"verifiedConfig": true,
"agentIdentityRef": "eip155:5000:0x8004A169FB4a3325136EB29fA0ceB6D2e539a432:97",
"identityRegistry": "0x8004A169FB4a3325136EB29fA0ceB6D2e539a432",
"reputationRegistry": "0x8004BAa17C55a88189AE136b182e5fdA19dE9b63",
"validationRegistry": null
},
"product": "Archon",
"findings": [
{
"id": "53e089c3-77ad-4dd9-b14b-174f4cdb8057",
"title": "Arbitrary Send Eth",
"category": "arbitrary-send-eth",
"location": {
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"lineEnd": 66,
"lineStart": 55
},
"severity": "high"
},
{
"id": "17319375-c22d-4a52-a3ac-2308bcc099cd",
"title": "Arbitrary Send Eth",
"category": "arbitrary-send-eth",
"location": {
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"lineEnd": 53,
"lineStart": 47
},
"severity": "high"
},
{
"id": "8f6aae40-d024-495f-8c69-48401c09ac28",
"title": "Arbitrary Send Eth",
"category": "arbitrary-send-eth",
"location": {
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"lineEnd": 45,
"lineStart": 39
},
"severity": "high"
},
{
"id": "948bac43-fb47-4802-9195-5f255f3e1518",
"title": "Unused Return",
"category": "unused-return",
"location": {
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"lineEnd": 37,
"lineStart": 32
},
"severity": "medium"
},
{
"id": "0343bec4-0dfd-47dc-b786-0ac0c40b95b8",
"title": "Unused Return",
"category": "unused-return",
"location": {
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"lineEnd": 66,
"lineStart": 55
},
"severity": "medium"
},
{
"id": "319d7264-b3a5-494b-855e-b6f056ad4276",
"title": "Missing Zero Check",
"category": "missing-zero-check",
"location": {
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"lineEnd": 39,
"lineStart": 39
},
"severity": "low"
},
{
"id": "d3b0d93f-461b-4460-ae47-89873f0e88a5",
"title": "Missing Zero Check",
"category": "missing-zero-check",
"location": {
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"lineEnd": 25,
"lineStart": 25
},
"severity": "low"
},
{
"id": "d79d46fd-011e-4b71-bf95-62e24877d8fc",
"title": "Naming Convention",
"category": "naming-convention",
"location": {
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"lineEnd": 23,
"lineStart": 23
},
"severity": "info"
},
{
"id": "3bf389ef-6308-4162-b62e-39b10b51dd70",
"title": "Naming Convention",
"category": "naming-convention",
"location": {
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"lineEnd": 22,
"lineStart": 22
},
"severity": "info"
},
{
"id": "ba5b27e0-a231-4699-aa70-dccec4a44399",
"title": "Naming Convention",
"category": "naming-convention",
"location": {
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"lineEnd": 68,
"lineStart": 21
},
"severity": "info"
},
{
"id": "c502f451-9641-46c4-b238-6732377379c6",
"title": "Review calldata parameter width",
"category": "mantle-gas-optimizer/calldata/calldata-smaller-types",
"location": {
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"lineEnd": 8,
"lineStart": 8
},
"severity": "low"
},
{
"id": "a16a7859-eee7-46f3-8883-a236b556c6a7",
"title": "Review calldata parameter width",
"category": "mantle-gas-optimizer/calldata/calldata-smaller-types",
"location": {
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"lineEnd": 9,
"lineStart": 9
},
"severity": "low"
},
{
"id": "e616fb42-b0e5-4827-b200-73936ac06e1e",
"title": "Review calldata parameter width",
"category": "mantle-gas-optimizer/calldata/calldata-smaller-types",
"location": {
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"lineEnd": 10,
"lineStart": 10
},
"severity": "low"
},
{
"id": "c3569e89-201c-45b9-b2f3-54abb2c70d45",
"title": "Review calldata parameter width",
"category": "mantle-gas-optimizer/calldata/calldata-smaller-types",
"location": {
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"lineEnd": 11,
"lineStart": 11
},
"severity": "low"
},
{
"id": "05a0d503-7bf2-4f1f-9c12-80608bc1bcb3",
"title": "Review calldata parameter width",
"category": "mantle-gas-optimizer/calldata/calldata-smaller-types",
"location": {
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"lineEnd": 16,
"lineStart": 16
},
"severity": "low"
},
{
"id": "435a63b9-d9e6-429c-bb12-b46e10bbc702",
"title": "Review calldata parameter width",
"category": "mantle-gas-optimizer/calldata/calldata-smaller-types",
"location": {
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"lineEnd": 17,
"lineStart": 17
},
"severity": "low"
},
{
"id": "5833b66c-e60c-4054-a462-d4afde723cf7",
"title": "Review calldata parameter width",
"category": "mantle-gas-optimizer/calldata/calldata-smaller-types",
"location": {
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"lineEnd": 18,
"lineStart": 18
},
"severity": "low"
},
{
"id": "a25669a6-6d51-40bc-b25a-c5bf5a4c144d",
"title": "Review calldata parameter width",
"category": "mantle-gas-optimizer/calldata/calldata-smaller-types",
"location": {
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"lineEnd": 39,
"lineStart": 39
},
"severity": "low"
},
{
"id": "c2d97168-7ea3-4408-a316-0bcae7353e22",
"title": "Review calldata parameter width",
"category": "mantle-gas-optimizer/calldata/calldata-smaller-types",
"location": {
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"lineEnd": 47,
"lineStart": 47
},
"severity": "low"
},
{
"id": "ea92fc1d-2c7c-4d8f-a4bd-fa4190a2f86c",
"title": "Review calldata parameter width",
"category": "mantle-gas-optimizer/calldata/calldata-smaller-types",
"location": {
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"lineEnd": 55,
"lineStart": 55
},
"severity": "low"
},
{
"id": "7fbfa492-cae9-4a23-82fd-0d4a074dc1a3",
"title": "Replace long revert string with custom error",
"category": "mantle-gas-optimizer/deployment/custom-errors",
"location": {
"file": "AaveWrappedTokenGatewayV3_Interface_Suite__3_contracts_.sol",
"lineEnd": 56,
"lineStart": 56
},
"severity": "info"
}
]
}
ipfs://QmcSjL529FSiFiN7syRdAEaZksfzJXivRhHmH6BQE3yoWd