INCIDENT
OpenClaw - The iagenticnft uses wallet identity as the access
The iagenticnft uses wallet identity as the access control layer, but a vulnerability in the OKX wallet implementation or spoofing of the verification could be a security risk.
Updated: 3/22/2026
medium Severity
Status: active
Description
@clubofagent the iagenticnft uses evm level enforcement to reject eoa transactions and only accept mint calls from okx agentic wallet addresses, making wallet identity the access control layer. if the okx wallet implementation has a vulnerability or if the verification can be spoofed at the
Impact
The iagenticnft uses wallet identity as the access control layer, but a vulnerability in the OKX wallet implementation or spoofing of the verification could be a security risk.
Attack Vectors
- wallet identity
- access control