Our team performed a security audit for Baanx Group Ltd. of their Baanx Withdraw Solana Program for the MetaMask Card, a Solana-based fund management system that provides two primary functions: a withdrawal mechanism for authorized operators to transfer tokens from accounts to a beneficiary, and a multi-send feature for distributing tokens from a treasury to multiple recipients.

The program implements role-based access control, reentrancy protection, signature verification for multi-send operations, and supports both SPL Token and Token-2022 standards. It also includes administrative functions for key management and a pause mechanism for emergency response.

During the audit, we identified several issues, all of which have since been resolved or acknowledged by Baanx to ensure the program meets strong security standards.

Read the full audit report.

Get a quote for your project, schedule a call with our team, sign up for our newsletter, and follow us on X to stay updated.