Request to Whitelist solswap.cloud - Legitimate Solana DEX#1806
Open
Solswap-DEX wants to merge 4 commits intophantom:masterfrom
Open
Request to Whitelist solswap.cloud - Legitimate Solana DEX#1806Solswap-DEX wants to merge 4 commits intophantom:masterfrom
Solswap-DEX wants to merge 4 commits intophantom:masterfrom
Conversation
📝 WalkthroughWalkthroughThe Changes
🚥 Pre-merge checks | ✅ 3✅ Passed checks (3 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@whitelist.yaml`:
- Line 35: Replace the broad wildcard entry "*.solswap.cloud" in the whitelist
with explicit, verified hostnames to enforce least privilege; update the URL
entries to enumerate known domains such as "solswap.cloud" and
"perps.solswap.cloud" (and any other vetted subdomains) and remove the
"*.solswap.cloud" pattern so new/unverified subdomains are not implicitly
allowed.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
Author
|
All checks passing. Wildcard entry has been replaced with explicit subdomains (solswap.cloud and perps.solswap.cloud) per CodeRabbit's recommendation. This is a legitimate Solana DEX — solswap.cloud — forked from Raydium UI v3. Kindly request review and merge. Thank you |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Domain: solswap.cloud and perps.solswap.cloud
Current Status: solswap.cloud is currently being blocked by Phantom Wallet with a phishing warning. This is a false positive and is actively preventing legitimate users from accessing the platform.
Description:
SolSwap is a legitimate, open-source decentralized exchange built on Solana, forked from Raydium UI v3 (Apache 2.0 license). It provides token swapping via Jupiter aggregator, bridge functionality via Li.Fi, liquidity pools, and a perpetuals trading module powered by Drift Protocol.
GitHub Organization: https://github.com/Solswap-DEX
Infrastructure:
solswap.cloud— main swap interface (static export, Apache)perps.solswap.cloud— perpetuals trading via Drift Protocol (Next.js/PM2)Why this is NOT a phishing site:
Change made in this PR:
Added
solswap.cloudandperps.solswap.cloudtowhitelist.yaml.Wildcard entry (
*.solswap.cloud) was removed per CodeRabbit review and replaced with explicit subdomain entries. All 3 pre-merge checks passing.Requesting urgent review and merge to restore access for legitimate users.
Happy to provide domain ownership proof or any additional documentation required.