Zellic - Audit Reports

Assessment reports Public findings

Back to Zellic siteBack

Assessment reports>Cloak V1>Threat Model>registerNewEncryptionKey

GeneralOverview

Findings

Threat ModelWhat are threat models?FastWithdrawVault.sol L1ERC20GatewayValidium.sol L1WETHGatewayValidium.sol

ScrollChainValidium.sol getEncryptionKey registerNewEncryptionKey getLatestEncryptionKey importGenesisBatch commitBatch revertBatch finalizeBundle

Audit ResultsAssessment Results

Function: `registerNewEncryptionKey(bytes _key)`

This is the key-manager entry point that records a freshly rotated encryption key so downstream deposits can reference the latest key.

Inputs

_key
- Control: Key manager (KEY_MANAGER_ROLE).
- Constraints: Must be exactly 33 bytes (compressed EC public key) — otherwise, it reverts with ErrorInvalidEncryptionKeyLength.
- Impact: Appended to encryptionKeys along with the current message queue index for later lookup.

Branches and code coverage

Intended branches

Reverts when _key.length is not 33.
Test coverage
Successful registration caches the next queue index.
Test coverage

Negative behavior

A caller without KEY_MANAGER_ROLE reverts.
Negative test

Function call analysis

IL1MessageQueueV2(this.messageQueueV2).nextCrossDomainMessageIndex()
- What is controllable? N/A.
- If the return value is controllable, how is it used and how can it go wrong? N/A.
- What happens if it reverts, reenters or does other unusual control flow? N/A.

Zellic © 2025Back to top ↑