RatingRegistry

Mantle Mainnet · scan depth full-report · generated 6/15/2026, 11:24:51 PM

Risk Score

Archon completed a read-only Mantle Mainnet audit of RatingRegistry and found 23 deterministic findings. The highest-priority issue is Incorrect Equality, with risk score 74/100 based on severity-weighted findings. The equality check in the verifyRating function may lead to incorrect validation of asset ratings. Review the recommended fixes and run regression tests before deployment.

Findings

low: 1high: 0info: 18medium: 4critical: 0

Severity	Finding	Location	Confidence
medium	Incorrect Equality The equality check in the verifyRating function may lead to incorrect validation of asset ratings.	AuralisRatingRegistry.sol:219	70%
low	Timestamp The verifyRating function relies on timestamps which can be manipulated.	AuralisRatingRegistry.sol:219	60%
info	Pragma The pragma directive specifies a specific version of Solidity.	AuralisRatingRegistry.sol:2	50%
info	Dead Code The code contains dead code that is not being utilized.	Context.sol:25	40%
info	Dead Code The enum Grade contains values that may not be used in the contract.	Context.sol:21	40%
info	Solc Version Solidity version specified in Ownable.sol.	Ownable.sol:4	70%
info	Unindexed Event Address The event address in the contract is not indexed, which may lead to inefficiencies in event filtering.	Pausable.sol:28	70%
info	Unindexed Event Address The event address in the contract is not indexed, which may lead to inefficiencies in event filtering.	Pausable.sol:23	70%
info	Replace long revert string with custom error Long revert strings can lead to higher gas costs and less clarity in error handling.	AuralisRatingRegistry.sol:128	80%
info	Replace long revert string with custom error Long revert strings can lead to higher gas costs and less clarity in error handling.	AuralisRatingRegistry.sol:129	80%
info	Replace long revert string with custom error Long revert strings can lead to higher gas costs and less clarity in error handling.	AuralisRatingRegistry.sol:130	80%
info	Replace long revert string with custom error Long revert string can be replaced with a custom error for gas optimization.	AuralisRatingRegistry.sol:131	80%
info	Replace long revert string with custom error Long revert string can be replaced with a custom error for gas optimization.	AuralisRatingRegistry.sol:132	80%
info	Replace long revert string with custom error Long revert string can be replaced with a custom error for gas optimization.	AuralisRatingRegistry.sol:177	80%
info	Replace long revert string with custom error Long revert string can be replaced with a custom error for gas optimization.	AuralisRatingRegistry.sol:178	80%
info	Replace long revert string with custom error Long revert string can be replaced with a custom error for gas optimization.	AuralisRatingRegistry.sol:179	80%
info	Cache repeated storage read Repeated storage read for ratingHashUsed.	AuralisRatingRegistry.sol:130	70%
info	Cache repeated storage read Repeated storage read for ratingHashUsed.	AuralisRatingRegistry.sol:149	70%
info	Cache repeated storage read Repeated storage read for ratingHashUsed.	AuralisRatingRegistry.sol:150	70%
info	Cache repeated storage read Repeated storage read for decisionHashUsed.	AuralisRatingRegistry.sol:178	70%
medium	Bitmap-pack boolean flags Storage mapping for boolean flags can be optimized.	AuralisRatingRegistry.sol:62	60%
medium	Bitmap-pack boolean flags The contract uses individual boolean mappings for flags, which can be optimized using bitmap packing to reduce storage costs.	AuralisRatingRegistry.sol:63	70%
medium	Bitmap-pack boolean flags The contract uses individual boolean mappings for flags, which can be optimized using bitmap packing to reduce storage costs.	AuralisRatingRegistry.sol:64	70%

Public validation

Challenge ledger

Anyone can challenge this artifact. Archon records the challenge in the database with a deterministic hash and references any existing report proof tx/hash. No new validation contract is implied.

No challenges recorded yet.

Proof Verification

Stored report hash

0xb9bb39a376783a5916f8dc95b42d6ad2f74df5fdc6c4b676e65fab8cb5397b6b

Re-derived hash

0xb9bb39a376783a5916f8dc95b42d6ad2f74df5fdc6c4b676e65fab8cb5397b6b

Metadata URI

ipfs://QmPjyGD9LXEoviUMze4Zw64VhTWqmmTixEPdnVWNqYrRWc

Result

Hash match + ERC-8004 on-chain attestation present

Mantlescan

ERC-8004 Reference

{
  "author": "0x99186e9a933fd83c0813d7ee694464ca55aeb7f9",
  "agentId": "97",
  "contract": "0xe7043e2ec95eF357FbBa3359BA2f1edb10cEAD2a",
  "loggedBy": "0x99186e9a933fd83c0813d7ee694464ca55aeb7f9",
  "mechanism": "archon-proof-registry",
  "reputation": {
    "tag2": "risk:74",
    "txHash": "0x3c0c69b8c06c593867ad56c4e15e384872aecb0ef2ba51b5d0b2ff84969ad0be",
    "agentId": "97",
    "feedbackIndex": "5",
    "feedbackClient": "0x8cd94bc5Ce29ECDA7feDbc14D264873835284D79",
    "reputationRegistry": "0x8004BAa17C55a88189AE136b182e5fdA19dE9b63"
  }
}

Careful scope

Archon reports are risk intelligence with confidence scores and recommended fixes. They are not guarantees, certifications, or claims that a contract is safe.