Discovery Trending Launches KYC Verified Watchlist Risk Alerts
Token Minter AI Threat Detection Token Burner
Blog & News Docs Visit SolidProof.io

PQC Info

pqc.li

A utility token built by a Bitcoiner in the Alps. Powered by Bitcoin. For the world.

PQC Logo
Onboarded date 04/05/2026

Team and KYC Verification

The KYC verification for this project is currently in progress.

The team has submitted their information and verification is pending.

KYC Badge

TrustNet Score

The TrustNet Score evaluates crypto projects based on audit results, security, KYC verification, and social media presence. This score offers a quick, transparent view of a project's credibility, helping users make informed decisions in the Web3 space.

68.51
Poor Excellent

Real-Time Threat Detection

Real-time threat detection, powered by Cyvers.io, is currently not activated for this project.

This advanced feature provides continuous monitoring and instant alerts to safeguard your assets from potential security threats. Real-time detection enhances your project's security by proactively identifying and mitigating risks. For more information, click here.

Security Assessments

Select the audit
"Static Analysis Dynamic Analysis Symbolic Execution SWC Check Manual Review"
Contract address
N/A
Network N/A
License N/A
Compiler N/A
Type N/A
Language Solidity
Onboard date 2026/05/04
Revision date 2026/05/05

Summary and Final Words

No crucial issues found

The contract does not contain issues of high or medium criticality. This means that no known vulnerabilities were found in the source code.

Contract owner can mint

It is possible to mint new tokens.

Contract owner can blacklist addresses

It is possible to lock user funds by blacklisting addresses.

Contract owner cannot set high fees

The fees, if applicable, can be a maximum of 25% or lower. The contract can therefore not be locked. Please take a look in the comment section for more details.

Token transfer can be locked

Owner can lock user funds with owner functions.

Token can be burned

There is a function to burn tokens in the contract without any allowances.

Ownership is not renounced

The owner retains significant control, which could potentially be used to modify key contract parameters.

Contract is not upgradeable

The contract does not use proxy patterns or other mechanisms to allow future upgrades. Its behavior is locked in its current state.

Scope of Work

This audit encompasses the evaluation of the files listed below, each verified with a SHA-1 Hash. The team referenced above has provided the necessary files for assessment.

The auditing process consists of the following systematic steps:

  1. Specification Review: Analyze the provided specifications, source code, and instructions to fully understand the smart contract's size, scope, and functionality.
  2. Manual Code Examination: Conduct a thorough line-by-line review of the source code to identify potential vulnerabilities and areas for improvement.
  3. Specification Alignment: Ensure that the code accurately implements the provided specifications and intended functionalities.
  4. Test Coverage Assessment: Evaluate the extent and effectiveness of test cases in covering the codebase, identifying any gaps in testing.
  5. Symbolic Execution: Analyze the smart contract to determine how various inputs affect execution paths, identifying potential edge cases and vulnerabilities.
  6. Best Practices Evaluation: Assess the smart contracts against established industry and academic best practices to enhance efficiency, maintainability, and security.
  7. Actionable Recommendations: Provide detailed, specific, and actionable steps to secure and optimize the smart contracts.

A file with a different Hash has been intentionally or otherwise modified after the security review. A different Hash may indicate a changed condition or potential vulnerability that was not within the scope of this review.

Final Words

The following provides a concise summary of the audit report, accompanied by insightful comments from the auditor. This overview captures the key findings and observations, offering valuable context and clarity.

Smart Contract Analysis Statement

Contract Analysis

The PrimeQualityCredit contract implements a MiCA-compliant ERC20 token for a Permissioned Ecosystem on Rootstock, with KYC-gated transfers, role-based admin and rate-limited relayer minting, an admin-only burn path for OTC fiat redemption, and a global emergency pause. The concentrated admin authority is an intentional design choice documented in the project specification (the admin key represents the issuing entity in cold storage and is the on-chain anchor for off-chain 1:1 EUR backing and AML enforcement) and is acknowledged accordingly. The implementation is internally consistent and follows widely-used OpenZeppelin patterns. While the overall design is sound, a few areas need attention:

  • The global pause and the emergency admin burn share the same code path. When the contract is paused, even the admin cannot burn tokens from a compromised holder - which is exactly the moment that capability is needed most. Refactor the burn path so admin burn bypasses both the pause guard and the whitelist guard via a private helper that calls super._update(from, address(0), amount) directly.
  • The same code path drives a temporary whitelist mutation in adminBurn (whitelist[from] is flipped to true, then restored). It is safe today because the underlying ERC20 has no transfer hooks, but the pattern silently breaks the invariant that whitelist[user] == true implies the user passed KYC, and would become exploitable if a recipient hook (ERC777, compliance attestor) is ever added. The same private-helper refactor fixes both issues.
  • When the admin lowers the daily mint limit, the running counter mintedInWindow is not clamped to the new limit. The next mint is still correctly rejected, but the on-chain state remains visibly inconsistent until the 24-hour window rolls over, which complicates dashboards and monitoring.

Ownership Privileges

The ownership of the contract has been concentrated by design in the issuing entity, in line with the MiCA-compliant Permissioned Ecosystem architecture documented in the project specification. Authority is structured around four distinct roles managed through OpenZeppelin AccessControl. The deployer is auto-whitelisted so it can immediately receive minted tokens. The owner retains full privileges including:

  • DEFAULT_ADMIN_ROLE (cold storage, issuing entity) - full administrative control: grant and revoke any role, adjust the daily mint limit, mint without rate limit, and burn tokens from any address (intended for OTC fiat redemption).
  • WHITELISTER_ROLE - adds addresses to the KYC whitelist (single or batch); intended for the automated KYC webhook relayer.
  • PAUSER_ROLE - pauses and resumes all token movements globally for incident response or regulatory order.
  • MINTER_ROLE - mints to whitelisted addresses subject to the daily 50,000 PQC rate-limit; intended for the backend payment relayer that processes off-chain fiat settlement.
  • The owner cannot upgrade the contract - the bytecode is immutable, no proxy pattern is used.
  • The owner cannot impose transfer fees - no fee mechanism is implemented and _update forwards the original amount untouched.
  • The owner cannot mint to addresses that are not on the KYC whitelist - the recipient check in _update applies to admin and minter alike.
  • The owner cannot bypass the daily rate-limit when minting via MINTER_ROLE - only the DEFAULT_ADMIN_ROLE path is exempt by design.

Security Features

The contract implements several positive security features:

  • KYC whitelist enforcement on every mint, transfer, and burn through the overridden _update hook, an ERC-3643 inspired transfer-restriction pattern that prevents the token from circulating to non-verified or sanctioned addresses.
  • A configurable per-24-hour minting cap on the MINTER_ROLE that acts as a circuit breaker against a compromised relayer key, with the cap adjustable only by the cold-storage admin.
  • Role separation across four distinct AccessControl roles (admin, whitelister, pauser, minter), supporting hot-wallet versus cold-wallet operational separation and removing the single-key authority model at the operational layer.
  • Global pause-and-resume control gated by a dedicated PAUSER_ROLE, plus ReentrancyGuard on the mint path. The contract intentionally exposes no user-facing burn or redemption function, in line with the MiCA-compliance requirement that redemption flows through regulated off-chain channels only.

Recommended Operational Hardening

Although the centralized authority and discretionary administration are part of the intentional Permissioned Ecosystem design, two defense-in-depth measures are still strongly recommended for production: hold DEFAULT_ADMIN_ROLE exclusively through a multi-signature wallet (for example a 3-of-5 cold-storage Safe) backed by a Timelock contract, and introduce a hard cap on setDailyMintLimit so that even a compromised admin key cannot raise the rate-limit beyond a recoverable bound.

Note - This Audit report consists of a security analysis of the PrimeQualityCredit smart contract. This analysis did not include economic analysis of the contract's tokenomics. Moreover, we only audited the main contract for the PrimeQualityCredit team. Other contracts associated with the project were not audited by our team. We recommend investors do their own research before investing.

Files and details

Findings and Audit result

Critical
High
Medium
2
Low
Optimization
7
Informational
medium Issues | 1 findings

Resolved

#1 medium Issue
Global pause blocks even admin emergency burn
PrimeQualityCredit.sol
L171-180
L258-274
L309-318
Description

When the contract is paused via `PAUSER_ROLE`, the overridden `_update` reverts on every transfer and burn because it calls `_requireNotPaused()` first. `adminBurn` goes through `_burn` -> `_update` and therefore reverts too. The documented purpose of the pause is to freeze user activity during an exploit; in that exact scenario the admin may need to burn an attacker's balance, but the design prevents it without first unpausing - which would re-enable the exploit. This couples the emergency-response surface to the freeze surface in an unsafe way and is the same code path that motivates the temporary whitelist mutation in PQC-T-M-002.

Comments

Refactor the burn path so admin emergency burn is independent of the pause state. Concretely: introduce a private helper `_unsafeAdminBurn(address from, uint256 amount)` that calls `super._update(from, address(0), amount)` directly, skipping both `_requireNotPaused()` and the whitelist check, and call it from `adminBurn`. This single change resolves both the pause-coupling problem described here and the temporary whitelist mutation pattern flagged in PQC-T-M-002 (now Low). Keep the user-facing transfer path fully gated by pause and whitelist; only carve out the privileged burn.

Alleviation

Resolved in PrimeQualityCredit_v2.sol exactly as recommended. The new private helper _unsafeAdminBurn (lines 345-347) calls super._update directly, and adminBurn (lines 283-288) invokes it instead of _burn. This bypasses both the pause guard and the whitelist check held in the overridden _update. Verified that OZ ERC20._update (the parent) does not call _requireNotPaused() - the pause hook lives only in the override, so super._update correctly skips it. DEFAULT_ADMIN_ROLE can now neutralise a compromised holder during an active freeze without unpausing the contract or temporarily mutating whitelist state. Same patch also resolves PQC-T-M-002.

low Issues | 4 findings

Resolved

#1 low Issue
Lowering daily limit does not clamp the running counter
PrimeQualityCredit.sol
L224-228
Description

The admin can call `setDailyMintLimit(newLimit)` with a value smaller than the current `mintedInWindow`. Subsequent `MINTER_ROLE` mint attempts will still revert correctly because the require check uses the new limit, but the storage value `mintedInWindow > dailyMintLimit` is observable until the next window rollover. This was confirmed by a stateful invariant run that produced a sequence (mint then setLimit) leaving the system in this state. There is no funds-at-risk, but the inconsistency complicates off-chain monitoring and is a code-smell.

Comments

When `setDailyMintLimit` lowers the limit below `mintedInWindow`, also reset (or cap) `mintedInWindow` to the new limit so monitoring dashboards and the `dailyMintRemaining` view stay consistent. Functionally a follow-up mint is still blocked correctly, but the in-storage counter remains visibly above the limit until the 24h window rolls.

Alleviation

Resolved in PrimeQualityCredit_v2.sol setDailyMintLimit (lines 247-254): when newLimit < mintedInWindow, the counter is clamped to newLimit so the public dailyMintRemaining() view returns 0 immediately and on-chain monitoring stays consistent with the new cap. Verified by manual line-by-line review and an aderyn v0.6.8 re-run (audit-artifacts/v2-aderyn.md) which no longer flags the inconsistency.

Acknowledged

#2 low Issue
Single-step admin role with no backup grant in constructor
PrimeQualityCredit.sol
L109-118
Description

The constructor grants `DEFAULT_ADMIN_ROLE` only to the deployer (`msg.sender`). If that key is lost or revoked by mistake (DEFAULT_ADMIN_ROLE can revoke itself), the contract becomes unrecoverable - no further role changes, mint-limit adjustments, or admin burns will be possible. The pause/unpause and minter mints can continue from already-granted role holders, but the contract is effectively unmanageable.

Comments

Deploy the contract via a multi-sig from day one and immediately grant `DEFAULT_ADMIN_ROLE` to a second cold wallet so an accidental revoke or key loss does not lock the contract permanently. AccessControl does not provide a two-step ownership transfer; you have to design the operational runbook around it.

Alleviation

Customer accepts as design / operationally mitigated. Per the customer's 2026-05 remediation message, DEFAULT_ADMIN_ROLE will be held exclusively through a multi-signature wallet from day one, with a backup grant to a second cold wallet documented in the deployment runbook to mitigate accidental revoke or key loss. AccessControl provides no two-step transfer; the multi-sig acceptance flow at the wallet level provides the equivalent typo-protection. Residual risk accepted by customer.

Acknowledged

#3 low Issue
Block timestamp dependency for the rate-limit window
PrimeQualityCredit.sol
L235
L286
Description

`block.timestamp >= windowStart + WINDOW_DURATION` is used to decide when to roll the window. On Rootstock the block time is ~30s and the validator can drift the timestamp by a small amount, so the window can effectively shift by seconds. This is not exploitable for a 24h-scale limit but is worth flagging as a design consideration.

Comments

Acceptable for a 24-hour window where a few seconds of timestamp drift do not materially affect the cap. Document that the window is approximate and ensure operational alerts compare against on-chain `windowStart` rather than wall-clock time.

Alleviation

Customer accepts as design. The 24-hour window tolerates seconds of validator timestamp drift; off-chain monitoring will compare against on-chain windowStart rather than wall-clock time per the deployment runbook.

Resolved

#4 low Issue
Admin burn temporarily mutates whitelist state to bypass `_update` check
PrimeQualityCredit.sol
L258-274
Description

`adminBurn` flips `whitelist[from] = true`, calls `_burn`, then restores the original value. Today this is safe because the overridden `_update` does no external calls and the underlying ERC20 has no transfer hooks. The pattern is dangerous in design: any future change adding a recipient hook (for example switching to ERC777 or adding an external pre-burn callback) would expose a window where a de-listed user appears whitelisted from any other contract reading the mapping, and the invariant `whitelist[user] == true implies user passed KYC` is silently broken inside the call. The cleanest fix is shared with PQC-T-M-003.

Comments

Add a private helper that calls `super._update(from, address(0), amount)` directly without going through the overridden `_update`, OR add an explicit `DEFAULT_ADMIN_ROLE` exception in `_update`. This also fixes the related medium finding about emergency burn during a pause (the same code path is the root cause). Avoid mutating consensus state to bypass invariants - the pattern is fragile to future ERC20 changes (recipient hooks, ERC777 migration, on-chain compliance attestors).

Alleviation

Resolved in PrimeQualityCredit_v2.sol via the new private helper _unsafeAdminBurn (lines 345-347) which calls super._update(from, address(0), amount) directly, bypassing the contract's overridden _update. The whitelist-mutation pattern is gone entirely. Verified against OZ ERC20._update internals (lib/openzeppelin-contracts/contracts/token/ERC20/ERC20.sol L183) - super._update has no external hook, performs the balance and totalSupply accounting, and emits Transfer. Same patch also resolves PQC-T-M-003.

optimization Issues | 7 findings

Resolved

#1 optimization Issue
Replace string-based requires with custom errors
PrimeQualityCredit.sol
L131
L132
L144
L158
L199
L202
L203
L259
L260
L290
L312
L315
Description

The contract uses long descriptive `require` strings for revert messages. Custom errors (Solidity 0.8.4+) are both cheaper at deploy time (no string in the runtime bytecode) and cheaper at revert time (4 bytes of selector instead of an ABI-encoded string). The semantic meaning is preserved and tooling support is now mature.

Comments

Define `error ZeroAddress()`, `error AlreadyWhitelisted()`, `error NotWhitelisted()`, `error CallerLacksRole()`, `error ZeroAmount()`, `error DailyLimitExceeded()`, `error SenderNotWhitelisted()`, `error RecipientNotWhitelisted()` and replace each `require(condition, "string")` with `if (!condition) revert XXX();`. This saves roughly 50 bytes of deployment cost per long string and around 9 gas per revert path at runtime, while making the ABI cleaner for indexers.

Alleviation

Implemented in PrimeQualityCredit_v2.sol lines 46-54 - all string-based requires replaced with custom errors (ZeroAddress, AlreadyWhitelisted, NotWhitelisted, ZeroAddressInBatch, CallerLacksRole, ZeroAmount, DailyLimitExceeded, SenderNotWhitelisted, RecipientNotWhitelisted). Bytecode reduction and structured 4-byte selectors verified by recompile.

Resolved

#2 optimization Issue
Loop uses post-increment and checked arithmetic
PrimeQualityCredit.sol
L143-149
Description

The for-loop in `batchAddToWhitelist` uses `i++` (post-increment) and the default checked-arithmetic for the increment. Pre-increment with an unchecked block is the standard cheap-loop idiom in Solidity 0.8.x.

Comments

Cache `accounts.length` in a local before the loop and replace the loop body with `unchecked { ++i; }` at the end. This shaves a few gas per iteration and the bound `i < accounts.length` is already enforced explicitly.

Alleviation

Implemented in PrimeQualityCredit_v2.sol lines 159-170. accounts.length is cached as `len` at line 160 before the loop; the increment is now `unchecked { ++i; }` at line 168 (pre-increment + unchecked block).

Resolved

#3 optimization Issue
Storage slot read twice per iteration
PrimeQualityCredit.sol
L143-149
Description

Inside `batchAddToWhitelist`, the expression `accounts[i]` is read three times per iteration (require, if-check, assignment). Caching the value in a local cuts two calldata loads per iteration.

Comments

Compute `address acc = accounts[i];` once per iteration and reuse it for the require, the if-check and the assignment. This avoids a redundant calldata fetch and improves readability.

Alleviation

Implemented in PrimeQualityCredit_v2.sol line 162: `address acc = accounts[i];`. The local `acc` is reused for the zero-address check (line 163), the mapping read (line 164), the assignment (line 165), and the event emission (line 166), eliminating duplicate calldata loads.

Resolved

#4 optimization Issue
`mintedInWindow += amount` can be unchecked
PrimeQualityCredit.sol
L294
Description

The `mintedInWindow + amount` value is already bounded by the immediately-preceding require check. The Solidity 0.8 overflow check on the next line is redundant and can be elided with `unchecked`.

Comments

Wrap the addition in an `unchecked { ... }` block. The require above already enforces `mintedInWindow + amount <= dailyMintLimit`, and `dailyMintLimit` is bounded by the admin to a sensible value, so overflow is impossible in practice and the compiler's overflow check is dead code.

Alleviation

Implemented in PrimeQualityCredit_v2.sol lines 308-310 - the increment is now wrapped in `unchecked`. The preceding require at line 307 enforces `mintedInWindow + amount <= dailyMintLimit` so overflow is impossible at this site.

Resolved

#5 optimization Issue
`nonReentrant` on `adminMint` is unnecessary
PrimeQualityCredit.sol
L197
Description

ReentrancyGuard adds a storage read and write on every protected call. `adminMint` only calls `_mint` (internal), `_enforceDailyLimit` (internal), `hasRole` (internal storage read), and emits an event. There is no external call surface that could lead to reentrancy, so the guard is dead weight.

Comments

Remove `nonReentrant` from `adminMint`. The function makes no external call: `_mint` only updates internal balances and emits an event, with no callback or token-receiver hook in plain ERC20. The modifier costs ~2300 gas per call (cold sload) without protecting anything.

Alleviation

Implemented in PrimeQualityCredit_v2.sol - ReentrancyGuard inheritance removed from the contract (line 40); adminMint (line 219) no longer carries the nonReentrant modifier. Verified that _mint, _enforceDailyLimit, and hasRole make no external call, so the modifier was protecting nothing.

Resolved

#6 optimization Issue
Constants are private and not exposed via getter
PrimeQualityCredit.sol
L73
L76
Description

Both constants are `private` and therefore invisible to external callers. Public visibility costs nothing for constants and improves observability for explorers and dashboards.

Comments

Make `WINDOW_DURATION` and `DEFAULT_DAILY_LIMIT` `public constant` so off-chain monitoring tooling can read them via the auto-generated getter. There is no gas cost for a public constant.

Alleviation

Implemented in PrimeQualityCredit_v2.sol - WINDOW_DURATION (line 90) and DEFAULT_DAILY_LIMIT (line 93) are now `public constant`, exposed via the auto-generated getters for off-chain monitoring.

Resolved

#7 optimization Issue
Repeated `whitelist[accounts[i]]` reads from storage
PrimeQualityCredit.sol
L143-149
Description

The mapping read `whitelist[accounts[i]]` happens twice per iteration (the if and the assignment side-effect). Caching the read saves one SLOAD per already-whitelisted entry.

Comments

Cache `accounts[i]` in a local and the storage read with `bool isListed = whitelist[acc];`. Then use the local for the if-check and only write when needed.

Alleviation

Implemented in PrimeQualityCredit_v2.sol lines 162-167. The address is cached as `acc` and the conditional `if (!whitelist[acc])` (line 164) protects the SSTORE so already-whitelisted entries skip the assignment. The duplicate mapping read on already-whitelisted entries is eliminated.

informational Issues | 10 findings

Acknowledged

#1 informational Issue
Centralized admin authority - acknowledged Permissioned Ecosystem design
PrimeQualityCredit.sol
L197-212
L224-228
L258-274
Description

The DEFAULT_ADMIN_ROLE bypasses the daily mint rate limit (line 206), can set the limit to any value with no upper cap (line 224), and can burn tokens from any address (line 258). The project specification (Sections 3 and 5) documents this concentration of authority as an intentional design choice for the MiCA-compliant Permissioned Ecosystem on Rootstock - the admin key represents the issuing entity in cold storage and is the on-chain anchor for off-chain 1:1 EUR backing, OTC redemptions, and AML enforcement. The associated operational risk is acknowledged design rather than a code defect; the recommendation below is defense in depth.

Comments

Although the centralized authority is an intentional architecture, two operational hardening measures remain strongly recommended as defense in depth: (1) hold `DEFAULT_ADMIN_ROLE` exclusively through a multi-signature wallet (for example a 3-of-5 cold-storage Safe) backed by a Timelock contract, so that no single key compromise translates to a unilateral mint or burn; (2) introduce a hard cap on `setDailyMintLimit` (for example `MAX_LIMIT = 1_000_000e18`) so that even a compromised admin key cannot raise the rate-limit beyond a recoverable bound. Document the trust assumptions clearly in user-facing materials so investors are aware of the centralization vector.

Alleviation

Customer confirms acknowledged design (Permissioned Ecosystem MiCA architecture). Per the 2026-05 remediation message, DEFAULT_ADMIN_ROLE will be held through a multi-signature wallet. The defense-in-depth recommendation to introduce a hard cap on setDailyMintLimit (e.g. MAX_LIMIT = 1_000_000e18) was NOT implemented in code; customer accepts the residual centralisation risk and the admin's ability to raise the rate-limit without bound.

Resolved

#2 informational Issue
Documentation calls the limit "rolling" but implementation is fixed-window
PrimeQualityCredit.sol
L31-32
L281-295
Description

Doc comments describe `dailyMintLimit` as a "rolling 24-hour window" rate limit. The implementation is actually a fixed-window counter that resets at most once per 24 hours - not a sliding window. The two semantics differ: a fixed window allows up to 2x the cap to be minted across a boundary (one full cap right before reset, one full cap right after). This is not a vulnerability but a wording clarity issue with operational implications.

Comments

Either rename the comments to "fixed 24-hour window" for accuracy, or implement a true sliding window using a per-second amortization scheme. A fixed window is simpler and acceptable as long as users understand that two full caps can be minted across a window boundary (one just before, one just after).

Alleviation

Resolved in PrimeQualityCredit_v2.sol - documentation comments at lines 33-35 (contract-level) and 295-299 (_enforceDailyLimit) now describe a 'fixed 24-hour window' with explicit note about the 2x-cap-across-boundary edge case. The implementation is unchanged (fixed window remains an acceptable design); only the wording was corrected to match.

Resolved

#3 informational Issue
Floating pragma `^0.8.24`
PrimeQualityCredit.sol
L2
Description

The pragma `^0.8.24` allows any patch version of Solidity 0.8.24 or newer. While Solidity 0.8.x guarantees backward compatibility, pinning to an exact version is the recommended hygiene for an audited production contract.

Comments

For production deployment, pin to an exact version (for example `pragma solidity 0.8.24;`) so that compiler bugs in newer 0.8.x patch releases cannot silently change the deployed bytecode if someone rebuilds. Use a CI lockfile (`foundry.toml` already pins `solc_version`) to keep tooling consistent.

Alleviation

Resolved in PrimeQualityCredit_v2.sol line 2: `pragma solidity 0.8.24;` (exact pin). Same change applied to PQCRewardClaim_v2.sol line 2. foundry.toml continues to pin `solc_version = "0.8.24"`.

Pending

#4 informational Issue
Two different pragma constraints across the project
PrimeQualityCredit.sol
L37 (whole contract)
Description

OpenZeppelin contracts in `lib/openzeppelin-contracts/` declare `pragma solidity ^0.8.20`, while project files declare `pragma solidity ^0.8.24`. The compiler picks the most restrictive constraint and compiles correctly, but inconsistent pragmas across a codebase is a known source of confusion.

Comments

OpenZeppelin v5 contracts use `^0.8.20`. Project contracts use `^0.8.24`. The intersection is `>=0.8.24`, so the build is consistent, but the mismatch can confuse reviewers. Standardize on one pragma across all files where possible.

Resolved

#5 informational Issue
Custom events `AdminMinted`/`AdminBurned` index only the address
PrimeQualityCredit.sol
L89
L92
Description

Both events index only the address parameter. This is the conventional choice and is correct - `amount` does not benefit from being indexed. Noted for completeness.

Comments

Indexing `to` and `from` is correct. Adding `indexed` to `amount` is rarely useful (you cannot range-query indexed uint256 values cheaply), so leave amount unindexed. This is informational only.

Alleviation

No code change required per audit recommendation ('this is informational only'). Verified in PrimeQualityCredit_v2.sol lines 106 and 109 that AdminMinted and AdminBurned correctly index only the address parameter.

Pending

#6 informational Issue
Off-chain monitoring should track on-chain rate-limit state directly
PrimeQualityCredit.sol
L234-242
L286-289
Description

The `dailyMintRemaining` view does not advance the window in storage; it only computes the visible remaining amount based on the current state. Off-chain consumers should be aware that what they see and what the next mint will compute may differ for a few seconds around the window boundary.

Comments

Build dashboards that read `windowStart`, `mintedInWindow`, and `dailyMintLimit` directly from the contract (now exposed as `public`) rather than relying solely on `dailyMintRemaining()`. The view function is helpful for one-shot UI checks but does not advance the window itself.

Pending

#7 informational Issue
No EIP-2612 `permit` support
PrimeQualityCredit.sol
L37 (whole contract)
Description

Users wanting to interact with DeFi or a reward distributor must perform a separate `approve` transaction, which costs gas and adds a UX step. EIP-2612 `permit` allows signed approvals batched into one transaction.

Comments

Consider extending the contract with `ERC20Permit` (OpenZeppelin) to enable gasless approvals for end users. This is purely a UX feature and does not affect security; for a KYC-restricted token it is often less useful since approvals are still gated by whitelist.

Pending

#8 informational Issue
Decimals defaults to 18 - confirm this matches the EUR ledger ratio
PrimeQualityCredit.sol
L108
Description

The contract does not override `decimals()`, so it inherits the ERC20 default of 18. The architecture comment claims a 1:1 EUR ratio. Make sure the relayer's payment-to-mint conversion uses the same denomination, otherwise rounding bugs may creep in.

Comments

Solidity ERC20 inherits 18 decimals by default. The doc comments mention a 1:1 EUR ratio. Confirm the off-chain ledger represents amounts at 18-decimal precision; if it represents cents, the comparison `1 EUR = 1e18 wei` may need conversion logic in the relayer.

Acknowledged

#9 informational Issue
Unbounded array length in `batchAddToWhitelist`
PrimeQualityCredit.sol
L142-150
Description

`batchAddToWhitelist` iterates over a calldata array of unrestricted length. A misconfigured automation that submits a too-large array exhausts the block gas limit and the transaction reverts. There is no economic incentive for an external attacker since the function is role-gated.

Comments

Optional operational hardening. The caller is a privileged role (relayer or admin), so the only realistic outcome of an oversized array is a self-inflicted reverted transaction and wasted gas. If the relayer pipeline is automated, cap the input length at a known-safe value (for example 200 entries) and revert with a custom error to fail fast.

Acknowledged

#10 informational Issue
Internal `_enforceDailyLimit` does not validate `amount > 0`
PrimeQualityCredit.sol
L285-295
Description

The internal `_enforceDailyLimit` does not verify `amount > 0`. The public `adminMint` does check this, so today there is no exploit, but the helper is fragile to future refactors. Defensive coding suggests validating the precondition where the work is done.

Comments

Defensive coding hygiene. The public `adminMint` already rejects zero amounts before reaching the helper, so there is no current risk. If you ever introduce another internal caller, duplicate the check inside `_enforceDailyLimit` so it cannot be reached with a zero amount and silently advance window state.