Assessment reportsPublic findings
Back to Zellic siteBack
Assessment reports>Cloak V1>Threat Model>depositERC20
GeneralOverview
Findings
Medium (2)
Low (1)
Threat ModelWhat are threat models?FastWithdrawVault.sol
L1ERC20GatewayValidium.soldepositERC20depositERC20finalizeWithdrawERC20
L1WETHGatewayValidium.solScrollChainValidium.sol
Audit ResultsAssessment Results

Function: depositERC20(address _token, address _realSender, bytes _to, uint256 _amount, uint256 _gasLimit, uint256 _keyId)

This function deposits some token to a recipient's account on Cloak on behalf of the _realSender. The caller pays the tokens and needs to attach ETH to pay for the relayer fee, while the refunded ETH is sent to the _realSender.

Inputs

  • _token

    • Control: Fully controlled by the caller.

    • Constraints: Must be an ERC-20 token with metadata.

    • Impact: The deposited token address on Scroll.

  • _realSender

    • Control: Fully controlled by the caller.

    • Constraints: Must be able to receive ETH refunds.

    • Impact: The address of the real sender on Scroll.

  • _to

    • Control: Fully controlled by the caller.

    • Constraints: N/A.

    • Impact: The encrypted address of the recipient on Cloak.

  • _amount

    • Control: Fully controlled by the caller.

    • Constraints: Must be greater than zero.

    • Impact: The amount of tokens to transfer.

  • _gasLimit

    • Control: Fully controlled by the caller.

    • Constraints: Must be lower than the maxGasLimit specified in the contract SystemConfig.

    • Impact: The gas limit required to complete the deposit on Cloak.

  • _keyId

    • Control: Fully controlled by the caller.

    • Constraints: Must be the latest key ID stored in the contract ScrollChainValidium.

    • Impact: The encryption-key ID of the key used to encrypt the address of the recipient.

Branches and code coverage

Intended branches

  • Emits a QueueTransaction event when the deposit is successful.

  • The _token balance of the caller decreases by _amount.

  • Adjusts, for fee-on-transfer tokens, the amount based on the actual received tokens.

Negative behavior

  • Reverts if trying to reenter the function.

  • Reverts if the _keyId is not the latest.

  • Reverts if the amount of _token received by the contract is zero.

  • Reverts if there is insufficient value to pay for the relayer fee.

  • Reverts if the _token does not have metadata.

  • Reverts if the symbol and name functions of the _token return data of type bytes32.

Function call analysis

  • this._deposit(_token, _realSender, _to, _amount, new bytes[0], _gasLimit, _keyId) -> this._transferERC20In(this._msgSender(), _token, _amount) -> SafeERC20Upgradeable.safeTransferFrom(IERC20Upgradeable(_token), _from, address(this), _amount)

    • What is controllable? _token, _from, and _amount.

    • If the return value is controllable, how is it used and how can it go wrong? N/A.

    • What happens if it reverts, reenters or does other unusual control flow? There are no changes to the state variables before this transfer, so reentry does not matter.

  • this._deposit(_token, _realSender, _to, _amount, new bytes[0], _gasLimit, _keyId) -> IL1ScrollMessenger(this.messenger).sendMessage{value: msg.value}(this.counterpart, 0, _message, _gasLimit, _from)

    • What is controllable? _message, _gasLimit, and _from.

    • If the return value is controllable, how is it used and how can it go wrong? N/A.

    • What happens if it reverts, reenters or does other unusual control flow? N/A.

Zellic © 2025Back to top ↑