Security

Escrow contract (production)

Address: 0x4c0c041d624237cc84a391CB2F62B9688Cd27537
Network: Base Mainnet
Verified source: Basescan — Contract tab

The deployed bytecode matches the Solidity in contracts/contracts/OtcEscrow.sol (also verifiable via Sourcify on Basescan).

Design guarantees

What the contract can do

  • Hold seller tokens in escrow
  • Transfer tokens and ETH on purchase (buyListing, buyPartial)
  • Return unsold tokens on cancelListing
  • Send 1% fees to the immutable feeRecipient

What it cannot do

  • No owner, onlyOwner, or proxy upgrade
  • No changing fee rate or fee wallet after deployment
  • No withdrawing tokens from someone else’s active listing
  • No pausing or freezing the contract

Listing type enforcement

  • Standard (listingType = 0): buyPartial only accepts tokenAmount == amountRemaining (full buy).
  • Crowdfunding (listingType = 1): Any positive amount up to amountRemaining.

Fee recipient

Set in the constructor at deploy time. It cannot be updated. Current recipient is visible on Basescan as feeRecipient.

Paragon’s role

Paragon is a frontend and indexer only:

  • It does not custody keys or funds.
  • It cannot modify on-chain listings.
  • Approved-token rules and price data are off-chain conveniences; settlement is always via your wallet → escrow.

Verify yourself

  1. Open the verified contract on Basescan.
  2. Read createListing, _buyPartial, and cancelListing.
  3. Compare with contracts/contracts/OtcEscrow.sol in this repo.
  4. Run tests: cd contracts && npm test
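To complement the source review above, the "What it cannot do" claims (no owner, no pause, no proxy upgrade) can also be spot-checked against runtime bytecode. The script below is an added example, not code from the Paragon repository. It walks EVM bytecode and flags well-known OpenZeppelin-style admin selectors. The function names, the sample bytecode and the placeholder selector aabbccdd are constructed for illustration. A clean result is a heuristic only and does not replace reading the verified source.

```javascript
// Added example (not from the Paragon repo): heuristic scan of EVM runtime
// bytecode for well-known admin, pause and upgrade function selectors.
const ADMIN_SELECTORS = {
  "8da5cb5b": "owner()",
  "f2fde38b": "transferOwnership(address)",
  "715018a6": "renounceOwnership()",
  "8456cb59": "pause()",
  "3f4ba83a": "unpause()",
  "5c975abb": "paused()",
  "3659cfe6": "upgradeTo(address)",
  "4f1ef286": "upgradeToAndCall(address,bytes)",
};

// Walk opcode by opcode so that PUSH immediates (data) are never
// read as instructions, and collect every PUSH4 immediate seen.
function push4Immediates(hex) {
  const code = Buffer.from(hex.replace(/^0x/, ""), "hex");
  const found = new Set();
  for (let pc = 0; pc < code.length; ) {
    const op = code[pc];
    const n = op >= 0x60 && op <= 0x7f ? op - 0x5f : 0; // PUSH1..PUSH32 width
    if (n === 4 && pc + 4 < code.length) {
      found.add(code.subarray(pc + 1, pc + 5).toString("hex"));
    }
    pc += 1 + n; // skip the opcode and its immediate bytes
  }
  return found;
}

// Signatures of admin-style functions whose selector appears as a PUSH4.
function findAdminSelectors(hex) {
  const seen = push4Immediates(hex);
  return Object.keys(ADMIN_SELECTORS)
    .filter((sel) => seen.has(sel))
    .map((sel) => ADMIN_SELECTORS[sel]);
}

// Constructed samples, not the deployed contract's bytecode.
// CLEAN hides the bytes 63 8da5cb5b inside PUSH32 data, which must be ignored.
const PROLOGUE = "6080604052";
const CLEAN = PROLOGUE + "63aabbccdd14" + "7f638da5cb5b" + "00".repeat(27) + "00";
const OWNED = PROLOGUE + "638da5cb5b14" + "635c975abb14" + "00";

console.log("clean:", findAdminSelectors(CLEAN)); // []
console.log("owned:", findAdminSelectors(OWNED)); // [ 'owner()', 'paused()' ]
```

For a real check, pass in the hex string returned by the `eth_getCode` JSON-RPC call for the escrow address on Base Mainnet.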

Tests

Hardhat tests cover:

  • Creating listings (standard and crowdfunding)
  • Full and partial purchases
  • Fee distribution
  • Cancel with remaining tokens
  • Rejecting over-buy and wrong listing-type behavior
  • Immutable fee recipient

Disclaimer

This documentation and the Paragon UI are not a formal security audit. For large trades, do your own due diligence or engage a professional auditor. Never share your private key or seed phrase.