Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Aura Finance>Threat Models>Function: withdraw(uint256 _pid, uint256 _amount)
GeneralOverview
DiscussionThe protectAddPool is unsafeWithdrawal of funds from a shut down pool
Threat ModelsWhat are threat models?AuraBalProxyOFT.solAuraBalRewardPool.solAuraOFT.solAuraVestedEscrow.solBaseRewardPool4626.sol
BoosterLite.solFunction: addPool(address _lptoken, address _gauge, uint256 _stashVersion)Function: deposit(uint256 _pid, uint256 _amount, bool _stake)Function: depositAll(uint256 _pid, bool _stake)Function: earmarkRewards(uint256 _pid)Function: withdraw(uint256 _pid, uint256 _amount)
ExtraRewardsDistributor.solL1Coordinator.solPausableOFT.solPausableProxyOFT.solPoolManagerLite.solVirtualBalanceRewardPool.sol
Audit ResultsAudit Results

Function: withdraw(uint256 _pid, uint256 _amount)

Passthrough function for _withdraw, which sets from and to to msg.sender.

Inputs

  • _pid

    • Control: Arbitrary.

    • Constraints: Must be a a valid pool ID in poolInfo.

    • Impact: Decides the token to withdraw and the gauge to withdraw it from. This removes LP balance by burning amount from msg.sender and transfers LP tokens back to msg.sender.

  • _amount

    • Control: Arbitrary.

    • Constraints: Cannot exceed the amount of LP balance the sender is allowed to burn.

    • Impact: The amount of LP balance to exchange for LP tokens.

Branches and code coverage (including function calls)

Intended branches

  • Withdraw from pool.

  • Withdraw from this contract (in case of shutdown).

  • Withdraw when a stash is defined.

Negative behavior

  • Withdraw while pool is shut down.

  • Withdraw under a full shutdown.

  • Withdraw more than the sender has.

Zellic © 2024Back to top ↑