Assessment reportsPublic findings
Back to Zellic siteBack
Assessment reports>Pinocchio and p-token>Audit Results>Assessment Results
GeneralOverview
Findings
Critical (1)
High (3)
Medium (1)
Low (3)
Informational (1)
DiscussionNew off-chain implementation of impl_sysvar_get may return different ProgramErrorMissing unsafe in validate_owner functionMissing mut in Pinocchio testsAccounting error in batched instructionsUsage of magic numbers in various locationsThe invoke_signed function now enforces account orderLess robust Pubkey definitionStatically compute max_digits in log macroMessage difference in process_initialize_immutable_ownerThe withdraw_excess_lamports function does not prevent self-transfersThe Default trait implementation for Rent sysvar differs from solana-program
Audit ResultsAssessment Results

Assessment Results

During our assessment on the scoped Pinocchio library and p-token program, we discovered eight findings. One critical issue was found. Three were of high impact, one was of medium impact, and three were of low impact.

Zellic © 2025Back to top ↑