GoPlus: Discover multiple x402 ecosystem projects with risks, including excessive authorization, signature replay, etc

According to official news, GoPlus Security Research Institute conducted a detailed security risk scan on more than 30 x402 projects and community-reported risk projects in Binance Wallet and OKX Wallet, discovering that the following projects have issues such as excessive authorization, signature replay, HonyPot (PiXiu token), and unlimited issuance risks.

FLOCK (0x5ab3): The transfer ERC20 function allows the owner to withdraw any amount of any token from the contract. x420 (0x68e2): The cross chain Mint function can mint tokens without restriction. U402 (0xd2b3): The mint By Bond function allows unlimited minting of coins. MRDN (0xe57e): The withdraw Token function allows the owner to withdraw any amount of any token from the contract. PENG (0x4444ee, 0x444450, 0x444428): The manual Swap function allows the owner to withdraw ETH from the contract, and the transfer From function bypasses the allowance check for special accounts. x402 Token (0x40ff): The transfer From function bypasses the allowance check for special accounts. x402b (0xd8af5f): The manual Swap function allows the owner to withdraw ETH from the contract, and the transfer From function bypasses the allowance check for special accounts. x402MO (0x3c47df): The manual Swap function allows the owner to withdraw ETH from the contract, and the transfer From function bypasses the allowance check for special accounts.