Add omni.fun to whitelist

[0xzcov]

Request

Add omni.fun and *.omni.fun (covers app.omni.fun, api.omni.fun) to the whitelist.

Users are receiving false positive "unsafe" transaction warnings when buying and selling tokens on omni.fun through Phantom. These are routine interactions with verified contracts on Base.

About omni.fun

Multichain memecoin launchpad built on Base. Tokens launch on a bonding curve and graduate to Uniswap V3 at $69K market cap. Cross-chain trading via LayerZero V2 OFT standard across 8 chains (Base, Arbitrum, Optimism, Polygon, BSC, Ethereum, Avalanche, Solana).

• Website: https://omni.fun
• App: https://app.omni.fun
• API docs: https://app.omni.fun/.well-known/openapi.json

Verified Contracts (Base — Basescan)

Contract	Address
Factory V8	0x6DB150...
FactoryV8Helper	0x6421bD710bE56dDE3163c3F7931F2C6Ef63812aA
CCL V3	0x4c995288807BCF597afEA49c8490500a2E515148
CurveRegistry	0xCe5403...
Vault V5	0xeF8e06...

All contracts verified with published source code on Basescan.

Security Model

• Non-custodial: Users sign all transactions in their own wallet. The app never holds private keys or custody of funds.
• Standard interactions: ERC-20 approvals + swaps on bonding curve contracts, Uniswap V3 post-graduation, LayerZero OFT send() for cross-chain.
• Spending controls: Per-trade limits, daily limits, approved chain whitelists, emergency pause.

Transaction types triggering warnings

1. USDC approve() to curve/vault contracts
2. Buy (USDC → token on bonding curve)
3. Sell (token → USDC from bonding curve)
4. Cross-chain send (LayerZero OFT send())

All standard, well-known interaction patterns with verified contracts.

Summary by CodeRabbit

Chores

• Updated domain allowlist to include omni.fun and its subdomains, while maintaining support for existing allowed domains.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 5e1d18d7-159c-4142-a6ed-e28fed7712b5

📥 Commits

Reviewing files that changed from the base of the PR and between f0e8ff9 and 2a76103.

📒 Files selected for processing (1)

• whitelist.yaml

---

📝 Walkthrough

Walkthrough

The whitelist configuration file was updated to add two new domain entries (omni.fun and *.omni.fun) to the allowlist. The existing nftplus.io entry was removed and re-added without net change to its permission status.

Changes

Cohort / File(s)	Summary
Whitelist Configuration whitelist.yaml	Added two new domain entries (omni.fun and *.omni.fun) to the allowlist. Removed and re-added nftplus.io with no net change to its status.

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'Add omni.fun to whitelist' directly and specifically reflects the primary change in the pull request—adding omni.fun and *.omni.fun to the whitelist.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

📝 Coding Plan

• Generate coding plan for human review comments

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

Tip

CodeRabbit can generate a title for your PR based on the changes.

Add @coderabbitai placeholder anywhere in the title of your PR and CodeRabbit will replace it with a title based on the changes in the PR. You can change the placeholder by changing the reviews.auto_title_placeholder setting.