AuralisAgentRegistry

Mantle Mainnet · scan depth full-report · generated 6/15/2026, 11:38:01 PM

Risk Score

Archon completed a read-only Mantle Mainnet audit of AuralisAgentRegistry and found 23 deterministic findings. The highest-priority issue is Incorrect Exp, with risk score 79/100 based on severity-weighted findings. The function setActive allows unauthorized users to change the active state of agents. Review the recommended fixes and run regression tests before deployment.

Findings

low: 3high: 1info: 17medium: 2critical: 0

Severity	Finding	Location	Confidence
high	Incorrect Exp The function setActive allows unauthorized users to change the active state of agents.	Math.sol:123	80%
medium	Divide Before Multiply The function setActive may lead to incorrect calculations if called improperly.	Math.sol:123	70%
low	Shadowing Local Local variable name shadows a state variable, which can lead to confusion.	AuralisAgentRegistry.sol:89	60%
low	Reentrancy Benign The function registerAgent is susceptible to benign reentrancy due to external calls.	AuralisAgentRegistry.sol:87	50%
low	Reentrancy Events The function registerAgent emits events that could be exploited in a reentrancy context.	AuralisAgentRegistry.sol:87	50%
info	Assembly Assembly was detected from deterministic analysis at Strings.sol:24-44. The issue should be reviewed because it can affect contract correctness, user balances, or operational cost depending on how the function is used.	Strings.sol:24	74%
info	Assembly Assembly was detected from deterministic analysis at Math.sol:123-202. The issue should be reviewed because it can affect contract correctness, user balances, or operational cost depending on how the function is used.	Math.sol:123	74%
info	Assembly Assembly was detected from deterministic analysis at ERC721.sol:465-482. The issue should be reviewed because it can affect contract correctness, user balances, or operational cost depending on how the function is used.	ERC721.sol:465	74%
info	Pragma Pragma was detected from deterministic analysis at AuralisAgentRegistry.sol:2. The issue should be reviewed because it can affect contract correctness, user balances, or operational cost depending on how the function is used.	AuralisAgentRegistry.sol:2	74%
info	Dead Code The code contains a struct definition that may not be utilized.	Context.sol:25	40%
info	Dead Code Dead Code was detected from deterministic analysis at ERC721.sol:385-388. The issue should be reviewed because it can affect contract correctness, user balances, or operational cost depending on how the function is used.	ERC721.sol:385	74%
info	Dead Code Dead Code was detected from deterministic analysis at ERC721.sol:346-356. The issue should be reviewed because it can affect contract correctness, user balances, or operational cost depending on how the function is used.	ERC721.sol:346	74%
info	Dead Code Dead Code was detected from deterministic analysis at ERC721.sol:328-333. The issue should be reviewed because it can affect contract correctness, user balances, or operational cost depending on how the function is used.	ERC721.sol:328	74%
info	Dead Code The struct AgentProfile is defined but may not be fully utilized.	Context.sol:21	50%
info	Dead Code Dead code detected in ERC721.sol.	ERC721.sol:100	80%
info	Dead Code Dead Code was detected from deterministic analysis at ERC721.sol:377-379. The issue should be reviewed because it can affect contract correctness, user balances, or operational cost depending on how the function is used.	ERC721.sol:377	74%
info	Dead Code Dead Code was detected from deterministic analysis at ERC721.sol:224-228. The issue should be reviewed because it can affect contract correctness, user balances, or operational cost depending on how the function is used.	ERC721.sol:224	74%
info	Solc Version Solidity version specified in Ownable.sol.	Ownable.sol:4	90%
info	Replace long revert string with custom error Long revert string can be replaced with a custom error in AuralisAgentRegistry.sol.	AuralisAgentRegistry.sol:93	85%
info	Replace long revert string with custom error Another long revert string can be replaced with a custom error in AuralisAgentRegistry.sol.	AuralisAgentRegistry.sol:94	85%
info	Cache repeated storage read Repeated storage read can be cached in AuralisAgentRegistry.sol.	AuralisAgentRegistry.sol:98	90%
info	Cache repeated storage read Repeated storage read can be cached to optimize gas usage.	AuralisAgentRegistry.sol:99	80%
medium	Bitmap-pack boolean flags Boolean flags can be packed into a single uint256 to save storage space.	AuralisAgentRegistry.sol:37	70%

Public validation

Challenge ledger

Anyone can challenge this artifact. Archon records the challenge in the database with a deterministic hash and references any existing report proof tx/hash. No new validation contract is implied.

No challenges recorded yet.

Proof Verification

Stored report hash

0x9315f3cb40d8ae91840f3e7a677fa63b6f6e2a16d8cc2d05f0e3de7fd5a816cf

Re-derived hash

0x9315f3cb40d8ae91840f3e7a677fa63b6f6e2a16d8cc2d05f0e3de7fd5a816cf

Metadata URI

ipfs://QmSt2NuC345jpNs5XqMQst9xv6Cgc9jDTYqgfqs6fFGRA4

Result

Hash match + ERC-8004 on-chain attestation present

Mantlescan

ERC-8004 Reference

{
  "author": "0xBd88eAE165F8A00B1B33357Fb0880CD4fE5C5E70",
  "agentId": "97",
  "contract": "0xe7043e2ec95eF357FbBa3359BA2f1edb10cEAD2a",
  "loggedBy": "0xBd88eAE165F8A00B1B33357Fb0880CD4fE5C5E70",
  "mechanism": "archon-proof-registry",
  "reputation": {
    "tag2": "risk:79",
    "txHash": "0x07df4b80d70cff995dc276f2d065fb18469ec680a0f10431e311cea99f3182f8",
    "agentId": "97",
    "feedbackIndex": "7",
    "feedbackClient": "0x8cd94bc5Ce29ECDA7feDbc14D264873835284D79",
    "reputationRegistry": "0x8004BAa17C55a88189AE136b182e5fdA19dE9b63"
  }
}

Careful scope

Archon reports are risk intelligence with confidence scores and recommended fixes. They are not guarantees, certifications, or claims that a contract is safe.