ArchonArchon
Public verified reportRun your own audit

Archon public report

ApogeeToken

Mantle Mainnet · scan depth quick · generated 7/3/2026, 10:33:12 AM

Risk Score

42

Archon completed a read-only Mantle Mainnet audit of ApogeeToken and found 15 deterministic findings. The highest-priority issue is Review calldata parameter width, with risk score 42/100 based on severity-weighted findings. The 'transfer' function uses a uint256 parameter for the amount, which could be optimized to a smaller type. Review the recommended fixes and run regression tests before deployment.

Models used: Tencent Cloud TokenHub (deepseek-v4-pro), OpenAI (gpt-4o-mini) — AI reasoning served on Tencent Cloud TokenHub.

Findings

low: 5high: 0info: 10medium: 0critical: 0
SeverityFindingLocationConfidence
low

Review calldata parameter width

The 'transfer' function uses a uint256 parameter for the amount, which could be optimized to a smaller type.

ApogeeToken.sol:3470%
low

Review calldata parameter width

The 'approve' function also uses a uint256 parameter for the amount, which could be optimized to a smaller type.

ApogeeToken.sol:3970%
low

Review calldata parameter width

The transferFrom function takes a uint256 amount parameter. On Mantle, calldata is cheaper than storage but larger types like uint256 still add to transaction cost. Using a smaller type may reduce gas costs if possible.

ApogeeToken.sol:4570%
low

Review calldata parameter width

The mint function takes a uint256 amount parameter. On Mantle, smaller calldata types can reduce L2 data costs for the caller.

ApogeeToken.sol:5570%
low

Review calldata parameter width

The function 'burn' uses a uint256 parameter which may be optimized for gas usage.

ApogeeToken.sol:5970%
info

Replace long revert string with custom error

The function 'transferFrom' uses a long revert string that can be replaced with a custom error for better gas efficiency.

ApogeeToken.sol:4780%
info

Replace long revert string with custom error

The `burn` function uses a string revert reason `"Insufficient balance"` which consumes more deployment gas than a custom error. Replacing it with a custom error reduces contract size and deployment cost on Mantle Mainnet.

ApogeeToken.sol:6090%
info

Replace long revert string with custom error

The `_mint` function uses a string revert reason `"Mint to zero address"` which consumes more deployment gas than a custom error. Replacing it with a custom error reduces contract size and deployment cost on Mantle Mainnet.

ApogeeToken.sol:7390%
info

Replace long revert string with custom error

Long revert strings ('Transfer to zero address') are replaced by custom errors to reduce deployment and execution gas costs.

ApogeeToken.sol:8098%
info

Replace long revert string with custom error

Long revert strings ('Insufficient balance') are replaced by custom errors to reduce deployment and execution gas costs.

ApogeeToken.sol:8198%
info

Mark never-changing value constant or immutable

The 'owner' variable is declared as a public state variable but does not change after initialization.

ApogeeToken.sol:1580%
info

Cache repeated storage read

The 'allowed' variable is read from storage multiple times within the 'transferFrom' function.

ApogeeToken.sol:4670%
info

Cache repeated storage read

Repeated storage read for balanceOf[msg.sender] can be optimized.

ApogeeToken.sol:6080%
info

Cache repeated storage read

Repeated storage read for balanceOf[to] can be optimized.

ApogeeToken.sol:7580%
info

Cache repeated storage read

In the _transfer function, the balance of `from` is read from storage in the require statement and then again for the subtraction. Caching the storage read to a local variable reduces gas costs by avoiding a second SLOAD.

ApogeeToken.sol:8195%