GoPlus: Multiple x402 ecosystem projects found to have risks, including excessive authorization and signature replay

PANews, November 17 – According to official sources, GoPlus Security Research Institute conducted a detailed security risk scan on more than 30 x402 projects and community-alerted risk projects in Binance Wallet and OKX Wallet. The scan revealed that the following projects have risks such as excessive authorization, signature replay, HonyPot (Pixiu token), and unlimited minting.

• FLOCK (0x5ab3): The owner of the transferERC20 function can extract any amount of any token from the contract.
• x420 (0x68e2): The crosschainMint function can mint tokens without limitation.
• U402 (0xd2b3): The mintByBond function allows unlimited minting by the bond.
• MRDN (0xe57e): The owner of the withdrawToken function can extract any amount of any token from the contract.
• PENG (0x4444ee, 0x444450, 0x444428): The owner of the manualSwap function can extract ETH from the contract, and the transferFrom function bypasses the allowance check for special accounts.
• x402Token (0x40ff): The transferFrom function bypasses the allowance check for special accounts.
• x402b (0xd8af5f): The owner of the manualSwap function can extract ETH from the contract, and the transferFrom function bypasses the allowance check for special accounts.
• x402MO (0x3c47df): The owner of the manualSwap function can extract ETH from the contract, and the transferFrom function bypasses the allowance check for special accounts.