Panoptic MultiToken Merkle Distributor

Description

The function allows third parties to execute a claim for a given leaf, and tokens are always sent to the account encoded in the leaf. The trade‑off: if a leaf contains a wrong account, a third party can proactively claim to that wrong address, preventing later recovery via the admin’s withdrawUnclaimed.

Recommendation

Consider using msg.sender to claim instead of account or a signature from the account.

Description

admin is set to the deployer EOA and cannot be changed. If the key is lost or compromised, unclaimed funds after withdrawableAt can be withdrawn by an attacker, and there is no recovery path.

Recommendation

Pass the admin address in the constructor and use a multisig. Consider adding a one‑time admin transfer mechanism or making admin upgradable behind a multisig/DAO if governance changes are expected.

Description

supportedTokens is a mapping(address => bool) plus a separate tokenList array. This pattern works but can drift out of sync (e.g., accidental duplicates in tokenList, or forgetting to push/remove). Managing two data structures also increases maintenance.

Furthermore they are not enforced anymore on claim so right now it seems they are only for offchain reading?

Recommendation

Use EnumerableSet.AddressSet from OZ for a single source of truth (add/remove/check/iterate safely).

Consider enforcing them on claim or removing them at all.

Description

Without fork/integration tests that attempt to claim every leaf, discrepancies in leaf encoding, amounts, or unsupported tokens can surface only after deployment, potentially DoS’ing some claims.

Recommendation

Add a pre‑release script/test that: (1) rebuilds the Merkle root from the JSON snapshot, (2) attempts a fork dry‑run claim for every leaf, and (3) checks contract balances cover all amounts for all tokens.

Description

verify copies the proof to memory. Since the proof is already calldata, using verifyCalldata avoids an unnecessary copy.

Recommendation

Replace with MerkleProof.verifyCalldata(merkleProof, merkleRoot, node).