# Audited Code Commentary

- timestamp: 2026-02-20T14:12:27.5482023-05:00
- job_id: `5bc128ab-b89d-4123-a4ec-53db026bc07d`
- status: `succeeded`
- source_snapshot_dir: `C:\Users\Josh\hypersdk\examples\veilvm\evidence-bundles\audit-closure\evmbench-20260220-141106\audited-sources`

| Contract | Label | SHA256 | Lines | Commentary Focus |
|---|---|---|---|---|
| `VeilKeep3r.sol` | EVM Keep3r | `b6efc0da28ce9b2e14674e020c180337127615071822625308cab97fe5c731c5` | 119 | Check keeper registration, permissions, and job execution gating.; Validate reward accounting to prevent inflation or double-claim patterns.; Review anti-spam and slashing/penalty logic consistency. |
| `VeilLiquidityIntentGateway.sol` | EVM Intent Gateway (Liquidity) | `ee7f0427b137950d0e9a34e702bfb51cc83922976d8b0fd2c855041da5274f65` | 270 | Review liquidity intent constraints and anti-replay protections.; Validate authorization on liquidity movement and execution entrypoints.; Check failure modes around partial fills and state rollbacks. |
| `VeilOrderIntentGateway.sol` | EVM Intent Gateway (Order) | `252c4021efde506363cb61254a2ebe558e576b89232a242ccd8c6e8ba02b11df` | 199 | Review order intent validation and replay-protection semantics.; Check signature/domain separation and nonce handling.; Validate settlement path authorization and failure handling. |
| `VeilTreasury.sol` | EVM Treasury | `66da6119126583a9ca89c842914ae57ab8b21b52730aa4090b8776baaf9839fc` | 79 | Validate treasury withdrawal authorization and role scoping.; Review value-moving methods for reentrancy and external-call risk.; Confirm emergency and pause controls are explicit and auditable. |
| `VeilUniV2Dex.sol` | EVM UniV2 LP/DEX | `29ca83a48eb3ccb5253751a104d9597c4b998ee4ac709491aca6b57f1db35a6e` | 359 | Validate pool and swap math assumptions and fee accounting.; Check LP mint/burn paths for reserve invariant safety.; Review token transfer ordering and external call protections. |
| `VeilVAI.sol` | EVM VAI | `f1544b9e16cb4e8bda1f4145e5dafddad330d47cdee6ddae52324c947d3a0592` | 125 | Verify mint and burn authority boundaries and any privileged issuer paths.; Check ERC-20 transfer and allowance flows for standard edge-case safety.; Confirm administrative controls cannot bypass intended supply policy. |