Assessment reports>Cega>Threat Models>Function: addToDepositQueue(uint256 amount, address receiver)
GeneralOverview
Threat ModelsWhat are threat models?CegaState.sol
FCNProduct.solFunction: addOptionBarrier(address vaultAddress, OptionBarrier optionBarrier)Function: addToDepositQueue(uint256 amount, address receiver)Function: addToWithdrawalQueue(address vaultAddress, uint256 amountShares, address receiver)Function: calculateCurrentYield(address vaultAddress)Function: calculateVaultFinalPayoff(address vaultAddress)Function: checkBarriers(address vaultAddress)Function: createVault(string _tokenName, string _tokenSymbol, uint256 _vaultStart)Function: openVaultDeposits(address vaultAddress)Function: processDepositQueue(address vaultAddress, uint256 maxProcessCount)Function: processWithdrawalQueue(address vaultAddress, uint256 maxProcessCount)Function: receiveAssetsFromCegaState(address vaultAddress, uint256 amount)Function: removeOptionBarrier(address vaultAddress, uint256 index, string _asset)Function: removeVault(address vaultAddress)Function: rolloverVault(address vaultAddress)Function: setIsDepositQueueOpen(bool _isDepositQueueOpen)Function: setKnockInStatus(address vaultAddress, bool newState)Function: setManagementFeeBps(uint256 _managementFeeBps)Function: setMaxDepositAmountLimit(uint256 _maxDepositAmountLimit)Function: setTradeData(address vaultAddress, uint256 _tradeDate, uint256 _tradeExpiry, uint256 _aprBps, uint256 _tenorInDays)Function: setVaultMetadata(address vaultAddress, FCNVaultMetadata metadata)Function: setVaultStatus(address vaultAddress, VaultStatus _vaultStatus)Function: setYieldFeeBps(uint256 _yieldFeeBps)Function: updateOptionBarrierOracle(address vaultAddress, uint256 index, string _asset, string newOracleName)
Oracle.sol

Function: addToDepositQueue(uint256 amount, address receiver)

Adds a deposit to the depositQueue storage array.

Inputs

  • amount

    • Control: Fully controlled.

    • Constraints: The receiver must own at least this amount of asset tokens.

    • Impact: This amount of tokens are transferred from the receiver to this contract.

  • receiver

    • Control: Fully controlled.

    • Constraints: Must have preapproved this contract.

    • Impact: Tokens are transferred from this address to this contract.

Branches and code coverage (including function calls)

Intended branches

  • Should update the count of queued deposits.

  • Should update the total queued deposits amount.

  • Should add a new deposit into the depositQueue storage array.

  • Should emit a DepositQueued event.

  • Should decrease the asset balance of the receiver.

  • Should increase the asset balance of this contract.

Negative behaviour

  • Should revert if the deposit queue is not open.

  • Should revert if this deposit would cause the product to go over its maximum deposit amount limit.

  • Should revert if the receiver has not approved this contract to spend the required amount.

Function call analysis

  • IERC20(asset).safeTransferFrom(receiver, address(this), amount)

    • What is controllable? receiver, amount.

    • If return value controllable, how is it used and how can it go wrong? N/A.

    • What happens if it reverts, reenters, or does other unusual control flow? If it reverts, the deposit will fail. No other side effects as it follows the CEI pattern.

Zellic © 2024Back to top ↑