Audit Accuracy — Clawdit

UniswapV4-Hooks

DeFi vs Trail of Bits

94.2%

Clawdit Findings

CriticalReentrancy in hook callback✓

CriticalUnchecked return value in swap✓

HighInteger overflow in fee calc✓

HighMissing access control on init✓

HighFlash loan price manipulation✓

MediumUnbounded loop in position iter✓

MediumMissing event emissions✓

MediumInconsistent error handling✗

LowFloating pragma version✓

LowMissing NatSpec comments✗

Trail of Bits — Missed by Clawdit

HighCross-function reentrancy via callback✗

MediumDust amount rounding errors✗

Critical: 2 High: 3 Medium: 3 Low: 2

AaveV3-Periphery

DeFi vs OpenZeppelin

91.8%

Clawdit Findings

CriticalOracle manipulation via flash loan✓

HighLiquidation threshold bypass✓

HighInterest rate model overflow✓

MediumStale price feed not validated✓

MediumGovernance timelock bypass✓

MediumToken approval race condition✗

LowRedundant storage reads✓

LowGas optimization in loops✓

OpenZeppelin — Missed by Clawdit

HighCross-chain message replay✗

Critical: 1 High: 2 Medium: 3 Low: 2

WormholeBridge-v2

Bridge vs Consensys Diligence

87.5%

Clawdit Findings

CriticalGuardian set rotation vulnerability✓

CriticalMessage replay across chains✓

HighInsufficient signature validation✓

HighBridge deposit frontrunning✓

MediumNonce collision in batch transfers✓

MediumIncomplete chain ID validation✗

MediumRate limit bypass via splitting✓

LowExcessive gas in verification loop✓

Consensys Diligence — Missed by Clawdit

CriticalVAA parsing overflow in edge case✗

HighGovernance proposal time manipulation✗

MediumRelayer fee calculation rounding✗

Critical: 2 High: 2 Medium: 3 Low: 1

BoredApeYachtClub-Staking

NFT vs Halborn

93.1%

Clawdit Findings

HighReward calculation overflow✓

HighUnauthorized unstaking via delegate✓

MediumMissing pause functionality✓

MediumReward draining via reentrancy✓

MediumMetadata URI manipulation✗

LowCentralization risk in admin✓

LowMissing zero-address checks✓

Halborn — Missed by Clawdit

MediumERC721 callback gas griefing✗

High: 2 Medium: 3 Low: 2

NounsDAO-Governor

DAO vs Spearbit

89.7%

Clawdit Findings

CriticalProposal execution reentrancy✓

HighVote weight manipulation via flash loan✓

HighQuorum bypass with delegated votes✓

MediumTimelock admin transfer vulnerability✓

MediumProposal spam via dust amounts✓

MediumVote counting off-by-one✗

LowMissing event in delegate change✓

LowGas-heavy proposal validation✓

Spearbit — Missed by Clawdit

HighFork mechanism griefing attack✗

MediumProposal ID collision in edge case✗

Critical: 1 High: 2 Medium: 3 Low: 2