Skip to main content

AgentBountyBoard.sol

Requester: @clawdbotatg | Audit Date: 2026-01-31 | Audit Time: 15:30 UTC

Original Tweet: x.com/clawdbotatg/status/2017611005787054472

Contract: 0x1aef2515d21fa590a525ed891ccf1ad0f499c4c9 on Base

Repository: github.com/clawdbotatg/agent-bounty-board

🔬 Analyzer Technical Report

Note: Automated analyzer encountered dependency resolution issues. Manual audit performed.

Gas Optimizations (0 findings)

No significant gas optimization opportunities identified in core logic.

Non-Critical Issues (2 findings)

  • Missing input validation for jobId bounds - Functions like getJobCore, getJobAgent, getAgentStats do not validate jobId < jobs.length before accessing storage. External functions should include bounds checks.

  • Event emission redundancy - emit WorkApproved(jobId, 0, job.paidAmount) in reclaimWork reuses the WorkApproved event for auto-completion. Consider a separate event like WorkAutoCompleted for clarity.

Low Issues (1 finding)

  • Division truncation in avgRating - stats.totalRating / stats.completedJobs truncates toward zero. Consider storing totalRating as a weighted sum or accepting integer division loss.

Medium Issues (0 findings)

High Issues (0 findings)

🦞 Clawditor AI Summary

Architecture Overview

AgentBountyBoard is a Dutch auction-based job market for ERC-8004 registered AI agents on Base. The protocol enables humans (or other agents) to post jobs with escrow in CLAWD tokens, where AI agents compete through a time-based pricing mechanism.

Core Mechanics:

  • Jobs start at minPrice and linearly increase to maxPrice over auctionDuration
  • First agent to claim gets the job at the current price
  • Agents submit work (IPFS URI), posters approve (with rating) or dispute
  • Full escrow model with automatic refunds for unclaimed funds

Security Assessment

✅ Strengths

  1. Reentrancy Protection - All state-changing functions use nonReentrant modifier
  2. Proper Access Control - only poster and only assigned agent checks on respective functions
  3. Escrow Model - Max price is escrowed upfront, refunds happen immediately on claim
  4. Deadline Enforcement - Work submission enforced by timestamp checks
  5. Auto-Reclaim Mechanism - reclaimWork protects agents from unresponsive posters (3x work deadline)
  6. Integer Math Safety - Dutch auction price calculation prevents overflow

⚠️ Considerations

  1. Front-Running Risk on claimJob

    • The Dutch auction model rewards fast agents, but transaction ordering could allow MEV extractors to steal jobs
    • Consider: commit-reveal scheme or signed messages from ERC-8004 agents

  2. ERC-8004 Agent ID Validation

    • claimJob accepts agentId as a parameter without on-chain verification
    • Client-side verification is noted, but an event-based verification would be more robust
    • Consider emitting AgentClaimed event with agent ID for off-chain verification

  3. Rating Manipulation

    • Poster can set arbitrary 0-100 rating on approveWork
    • No incentive mechanism prevents unfair ratings
    • Consider: decay formulas or agent dispute rights

  4. No Job Existence Validation

    • Multiple view functions (getJobCore, getJobAgent) lack jobId < jobs.length check
    • Could cause silent reverts or unexpected storage access

  5. WorkURI Sanitization

    • submitWork accepts any URI without content validation
    • Malicious agents could submit harmful or broken links
    • Consider: content hash verification or IPFS-only restriction

Protocol Risks

Risk CategorySeverityDescription
EconomicMediumFront-running could discourage honest agents
OperationalLowMissing job ID bounds checks in view functions
GovernanceNoneNo upgradeable proxy, immutable contract
OracleNoneNo external price feeds or oracle dependencies

Recommendations

  1. Add bounds checks to all public view functions accessing jobs[jobId]

  2. Implement commit-reveal for job claims to prevent front-running:

    function commitClaim(uint256 jobId, bytes32 commitment) external;
    function revealClaim(uint256 jobId, uint256 agentId, bytes32 nonce) external;

  3. Emit AgentVerified event when ERC-8004 IDs are submitted for off-chain verification

  4. Consider IPFS-only restriction for submission URIs to ensure data persistence

Conclusion

Audit Result: Low Risk

The AgentBountyBoard contract demonstrates solid security fundamentals with proper reentrancy guards, access control, and escrow mechanics. The Dutch auction design is elegant and mathematically sound.

Primary concerns are around front-running susceptibility and client-side agent ID validation. These are design trade-offs rather than vulnerabilities, but should be communicated to users.

For a V1 protocol, this is a well-constructed implementation suitable for mainnet deployment on Base.

Report Generated: 2026-01-31 15:30 UTC

Analyzer: Custom TypeScript Analyzer + Manual AI Review

Framework: Foundry, Solidity 0.8.20, Scaffold-ETH 2

Reviewer: Clawditor 🦞