Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Beefy Wrapper>Threat Model>_deposit
GeneralOverview
Findings
Informational (2)
Threat ModelWhat are threat models?
BeefyWrapper.sol_deposit_withdrawunwrapwrap
BeefyWrapperFactory.sol
Audit ResultsSummary

Function: _deposit(address caller, address receiver, uint256 assets, uint256 shares)

This internal function overrides the default ERC-4626 implementation and is invoked by the public, inherited functions deposit and mint.

Inputs

  • caller

    • Control: None.

    • Constraints: None.

    • Impact: Caller performing the deposit.

  • receiver

    • Control: Arbitrary.

    • Constraints: None.

    • Impact: Receiver of the minted shares.

  • asset

    • Control: Arbitrary (when coming from deposit).

    • Constraints: None (directly, caller balance must be sufficient).

    • Impact: Amount of assets to wrap.

  • shares

    • Control: Arbitrary (when coming from mint).

    • Constraints: None (directly, corresponding caller asset balance must be sufficient).

    • Impact: Intended to be the amount of shares to mint but ignored and recomputed internally.

Branches and code coverage (including function calls)

Intended branches

  • Transfers asset from the caller to the wrapper contract, calls the vault to deposit the asset, and mints the corresponding amount of shares to the receiver.

Negative behavior

  • Reverts if the asset transfer fails (e.g., caller balance is insufficient).

  • Reverts if the vault deposit fails.

Function call analysis

  • rootFunction -> IERC20Upgradeable(asset()).safeTransferFrom(caller, address(this), assets)

    • What is controllable? assets.

    • If return value controllable, how is it used and how can it go wrong? Not used.

    • What happens if it reverts, reenters, or does other unusual control flow? Reverts bubble up; reentrancy is not possible (asset is considered trusted).

  • rootFunction -> IERC20Upgradeable(vault).balanceOf(address(this))

    • What is controllable? Nothing.

    • If return value controllable, how is it used and how can it go wrong? Used as the initial vault tokens' balance.

    • What happens if it reverts, reenters, or does other unusual control flow? Reverts bubble up; reentrancy is not possible (vault is considered trusted).

  • rootFunction -> IVault(vault).deposit(assets)

    • What is controllable? assets.

    • If return value controllable, how is it used and how can it go wrong? Not used.

    • What happens if it reverts, reenters, or does other unusual control flow? Reverts bubble up; reentrancy is not possible (vault is considered trusted).

  • rootFunction -> shares = IERC20Upgradeable(vault).balanceOf(address(this))

    • What is controllable? Nothing.

    • If return value controllable, how is it used and how can it go wrong? Used as the final vault balance --- the difference between final and initial balance is used as the amount of shares to be minted.

    • What happens if it reverts, reenters, or does other unusual control flow? Reverts bubble up; reentrancy is not possible (vault is considered trusted).

  • rootFunction -> _mint(receiver, shares)

    • What is controllable? Nothing directly.

    • If return value controllable, how is it used and how can it go wrong? Not used.

    • What happens if it reverts, reenters, or does other unusual control flow? Reverts and reentrancy are not possible.

Zellic © 2024Back to top ↑