Critical: XChain claim must use route parameters instead of context

[coderabbitai]

Security Vulnerability

During review of PR #1351, a critical security issue was identified in the xchain claim flow.

Issue

In src/components/Claim/Link/Onchain/Confirm.view.tsx, the xchain claim execution uses mutable context values (selectedChainID, selectedTokenAddress) instead of the validated route object parameters. This creates a risk where funds could be sent to a different chain/token than displayed if the context is modified between validation and execution.

Fix Required

Change line 86-88 to use route parameters:

destinationChainId: selectedRoute.rawResponse.route.params.toChain,
destinationToken: selectedRoute.rawResponse.route.estimate.toToken.address,

References

• PR: attempt at more fixes #1351

Priority

🚨 Critical - Potential for funds to be sent to wrong destination

cc: @Hugo0