Skip to content

Security: RedDuck-Software/erc20-multisend-template

Security

SECURITY.md

Security Policy

Reporting a Vulnerability

Please report security issues privately through GitHub Security Advisories when the repository is hosted on GitHub. If advisories are not enabled yet, contact the maintainers privately before publishing details.

Scope

Security-sensitive areas include:

  • Permit2 spender and typed-data signing flow.
  • ERC20 approval behavior.
  • Token and recipient parsing.
  • Transaction simulation and gas-limit checks.
  • Anything that could redirect funds or approvals.

Important Notes

This template is not audited. Review and test it carefully before using it with valuable tokens. The default approval flow grants Permit2 a high allowance for the selected ERC20 token, which users can revoke later with a wallet or allowance management tool.

There aren't any published security advisories