Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Avantis>Threat Model>claimRebate
GeneralOverview
Findings
Critical (6)
High (9)
Medium (6)
Low (10)
Informational (7)
DiscussionReferral code incentives are misalignedVeTranche NFT info should be structNo way to remove user from Trading whitelistPyth price can become negative or erraticTranche has unnecessary `ReentrancyGuard`Checks-effects-interactions pattern brokenTypos
Threat ModelWhat are threat models?Execute.solReferral.solTrading.sol
TradingStorage.solclaimRebate
Tranche.solVaultManager.solVeTranche.sol
Audit ResultsSummary

Function: claimRebate()

This allows a referrer to claim their rebate.

Branches and code coverage

Intended branches

  • If there is some value in rebates for msg.sender, transfer it to the caller and set this value to zero.

Negative behavior

N/A.

Function call analysis

  • this.usdc.transfer(msg.sender, this.rebates[msg.sender])

    • What is controllable? msg.sender and this.rebates[msg.sender].

    • If the return value is controllable, how is it used and how can it go wrong? No return value.

    • What happens if it reverts, reenters or does other unusual control flow? If it reverts, the entire call will revert — no reentrancy scenarios.

Zellic © 2025Back to top ↑