Security Research Institute: Several x402 ecosystem projects have been found to have risks, including over-authorization and signature replay issues.
On November 17, GoPlus Security Research Institute ran a detailed security risk scan of more than 30 x402 projects and community risk-warning projects in Binance Wallet and OKX Wallet, and found that the following projects carry risks of excessive authorization, signature replay, honeypot (Pixiu token) behavior, and unlimited minting.
FLOCK (0x5ab3): The transferERC20 function allows the owner to withdraw any amount of any token from the contract.
x420 (0x68e2): The crosschainMint function can mint tokens without restriction.
U402 (0xd2b3): The mintByBond function allows unlimited token minting by bond.
MRDN (0xe57e): The withdrawToken function allows the owner to withdraw any amount of any token from the contract.
PENG (0x4444ee, 0x444450, 0x444428): The manualSwap function allows the owner to withdraw ETH from the contract, and the transferFrom function bypasses allowance checks for special accounts.
x402Token (0x40ff): The transferFrom function bypasses allowance checks for special accounts.
x402b (0xd8af5f): The manualSwap function allows the owner to withdraw ETH from the contract, and the transferFrom function bypasses allowance checks for special accounts.
x402MO (0x3c47df): The manualSwap function allows the owner to withdraw ETH from the contract, and the transferFrom function bypasses allowance checks for special accounts.
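
The allowance bypass reported for several of the tokens above can be tested behaviourally: a spender that has received no approval must not be able to move a holder's balance. The following is an added example, not code from GoPlus or from any listed project; the `Token` model, the `exempt` set, and the account names are constructed assumptions used only to exercise the check.

```python
class Token:
    """Constructed in-memory ERC-20 model (not any listed project's code)."""
    def __init__(self, balances, exempt=()):
        self.balances = dict(balances)
        self.allowances = {}        # (owner, spender) -> approved amount
        self.exempt = set(exempt)   # hypothetical "special accounts"

    def approve(self, owner, spender, amount):
        self.allowances[(owner, spender)] = amount

    def transfer_from(self, spender, owner, to, amount):
        # Reported pattern: exempt callers skip the allowance branch entirely.
        if spender not in self.exempt:
            allowed = self.allowances.get((owner, spender), 0)
            if allowed < amount:
                raise PermissionError("insufficient allowance")
            self.allowances[(owner, spender)] = allowed - amount
        if self.balances.get(owner, 0) < amount:
            raise ValueError("insufficient balance")
        self.balances[owner] -= amount
        self.balances[to] = self.balances.get(to, 0) + amount
        return True


def allowance_bypass_spenders(make_token, holder, candidates, amount=1):
    """Return candidates able to move `holder`'s tokens with zero allowance.

    Each probe runs on a fresh token so one finding cannot mask another.
    """
    flagged = []
    for spender in candidates:
        token = make_token()
        before = token.balances.get(holder, 0)
        try:
            token.transfer_from(spender, holder, spender, amount)
        except (PermissionError, ValueError):
            continue                # standard behaviour: transfer rejected
        if token.balances.get(holder, 0) < before:
            flagged.append(spender)
    return flagged


# Constructed sample state: "alice" holds 100 units and has approved nobody.
STANDARD = lambda: Token({"alice": 100})
BACKDOORED = lambda: Token({"alice": 100}, exempt={"owner", "router"})
CANDIDATES = ["owner", "router", "bob"]

if __name__ == "__main__":
    print("standard:  ", allowance_bypass_spenders(STANDARD, "alice", CANDIDATES))
    print("backdoored:", allowance_bypass_spenders(BACKDOORED, "alice", CANDIDATES))
```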

