Assessment reports>Anzen and protocol-v2>Threat Model>Function: fillOffer(uint256 offerId, uint256 amount)

Function: fillOffer(uint256 offerId, uint256 amount)

The function allows a user to fill an existing offer by transferring USDC to the offer creator and receiving the specified amount of locked tokens.

Inputs

  • offerId

    • Control: Arbitrary.

    • Constraints: Must be an existing offer.

    • Impact: The parameter identifies which offer to fill.

  • amount

    • Control: Arbitrary.

    • Constraints: Must be less than or equal to the remaining offer amount. Must be greater than zero.

    • Impact: The parameter specifies how many tokens from the offer to purchase.

Branches and code coverage

Intended branches

  • Calculate the required USDC, update the offer's amount, and complete the token transfer.

  • Decrement pendingOffersCount and delete the offer if the offer amount becomes zero.

Negative behavior

  • Revert if requiredUSDC is zero.

  • Revert if amount is not within permissible range.

Zellic © 2025Back to top ↑