Zellic - Audit Reports

Assessment reports Public findings

Back to Zellic site

Assessment reports>Cega>Threat Models>Function: processDepositQueue(address vaultAddress, uint256 maxProcessCount)

GeneralOverview

Findings

Informational (2)

DiscussionCentralization risks Using non-ERC20 token standards Impossibility of reentrancy in the queue-processing functions

Threat ModelsWhat are threat models?CegaState.sol

FCNProduct.sol Function: addOptionBarrier(address vaultAddress, OptionBarrier optionBarrier)Function: addToDepositQueue(uint256 amount, address receiver)Function: addToWithdrawalQueue(address vaultAddress, uint256 amountShares, address receiver)Function: calculateCurrentYield(address vaultAddress)Function: calculateVaultFinalPayoff(address vaultAddress)Function: checkBarriers(address vaultAddress)Function: createVault(string _tokenName, string _tokenSymbol, uint256 _vaultStart)Function: openVaultDeposits(address vaultAddress)Function: processDepositQueue(address vaultAddress, uint256 maxProcessCount)Function: processWithdrawalQueue(address vaultAddress, uint256 maxProcessCount)Function: receiveAssetsFromCegaState(address vaultAddress, uint256 amount)Function: removeOptionBarrier(address vaultAddress, uint256 index, string _asset)Function: removeVault(address vaultAddress)Function: rolloverVault(address vaultAddress)Function: setIsDepositQueueOpen(bool _isDepositQueueOpen)Function: setKnockInStatus(address vaultAddress, bool newState)Function: setManagementFeeBps(uint256 _managementFeeBps)Function: setMaxDepositAmountLimit(uint256 _maxDepositAmountLimit)Function: setTradeData(address vaultAddress, uint256 _tradeDate, uint256 _tradeExpiry, uint256 _aprBps, uint256 _tenorInDays)Function: setVaultMetadata(address vaultAddress, FCNVaultMetadata metadata)Function: setVaultStatus(address vaultAddress, VaultStatus _vaultStatus)Function: setYieldFeeBps(uint256 _yieldFeeBps)Function: updateOptionBarrierOracle(address vaultAddress, uint256 index, string _asset, string newOracleName)

Function: `processDepositQueue(address vaultAddress, uint256 maxProcessCount)`

Processes deposits that are currently in the deposit queue.

Inputs

vaultAddress
- Control: Fully controlled.
- Constraints: This vault's status must be set to DepositsOpen.
- Impact: Deposits are processed for this vault.
maxProcessCount
- Control: Fully controlled.
- Constraints: Used as a loop counter, therefore must not cause the call to exceed gas limits.
- Impact: Used to constrain the amount of gas used by this function.

Branches and code coverage (including function calls)

Intended branches

Should update relevant FCNProduct storage variables correctly.
Test coverage
Should update relevant vault metadata properties correctly.
Test coverage
Should still allow for more deposits to be processed if the entire deposit queue is not processed after one call.
Test coverage
Should set the vault's status to NotTraded if the entire deposit queue is processed.
Test coverage
Should emit a DepositQueueProcessed event.
Test coverage

Negative behaviour

Should revert if the vault's status it not set to DepositsOpen.
Negative test
Should revert if called by a non--trader-admin role.
Negative test
Should revert if the vault is in the Zombie state.
Negative test

Function call analysis

vault.deposit(deposit.amount, deposit.receiver)
- What is controllable? deposit.amount, deposit.receiver.
- If return value controllable, how is it used and how can it go wrong? N/A.
- What happens if it reverts, reenters, or does other unusual control flow? Denial of service on revert, as processing the deposit queue is crucial to the functionality of this contract. Deposits may be accounted for twice on reentry, and some deposits will not be accounted for at all in that scenario.

Zellic © 2024Back to top ↑