Function: proRataRedeem(uint256 shares, address to, address from)
This function enables the caller to immediately redeem shares for all assets associated with this basket. This is a synchronous operation and does not require the rebalance process to be completed.
Inputs
shares
Control: Fully controlled by the caller.
Constraints: None at this level.
Impact: The amount of shares to redeem.
to
Control: Fully controlled by the caller.
Constraints: None at this level.
Impact: The address to which the redeemed assets are sent.
from
Control: Fully controlled by the caller.
Constraints: If
from
is not the caller, the caller must be approved byfrom
.Impact: The address to redeem shares from.
Branches and code coverage
Intended branches
Call
_harvestManagementFee
withfeeBps
andfeeCollector
.Call
_spendAllowance
withfrom
asowner
andmsg.sender
asspender
.Burn
shares
from the basket.Call
proRataRedeem
withshares
andto
as arguments.
Function call analysis
BasketManager(this.basketManager).managementFee(address(this))
What is controllable? None.
If the return value is controllable, how is it used and how can it go wrong? N/A.
What happens if it reverts, reenters or does other unusual control flow? N/A.
BasketManager(this.basketManager).feeCollector()
What is controllable? None.
If the return value is controllable, how is it used and how can it go wrong? N/A.
What happens if it reverts, reenters or does other unusual control flow? N/A.
this._harvestManagementFee(feeBps, feeCollector) -> this._mint(feeCollector, fee) -> this._update(address(0), account, value) -> ERC20PluginsUpgradeable._update -> ERC20PluginsUpgradeable._updateBalances(address plugin, address from, address to, uint256 amount)
What is controllable?
feeCollector
andfee
are controllable by the basket manager.If the return value is controllable, how is it used and how can it go wrong?
feeBps
andfeeCollector
are controllable by the basket manager.What happens if it reverts, reenters or does other unusual control flow? It can reenter the contract while updating balances calling
owner
's plugins before updating claimable fees in FeeCollector but ERC20PluginsUpgradeable._update has reentrancy guard.
this._harvestManagementFee(feeBps, feeCollector) -> FeeCollector(feeCollector).notifyHarvestFee(fee)
What is controllable?
feeBps
andfeeCollector
are controllable by the basket manager.If the return value is controllable, how is it used and how can it go wrong? N/A.
What happens if it reverts, reenters or does other unusual control flow? N/A.
_burn(from, shares) -> this._update(account, address(0), value) -> ERC20PluginsUpgradeable._update -> ERC20PluginsUpgradeable._updateBalances(address plugin, address from, address to, uint256 amount)
What is controllable?
from
andshares
.If the return value is controllable, how is it used and how can it go wrong? N/A.
What happens if it reverts, reenters or does other unusual control flow? It can reenter the contract while updating balances calling
from
's plugins before callingproRataRedeem
which decreases asset balances. It can be used to manipulate the price of this LP token.
BasketManager(this.basketManager).proRataRedeem(totalSupplyBefore, shares, to)
What is controllable?
totalSupplyBefore
,shares
, andto
—totalSupplyBefore
can be partially controllable by depositing or redeeming huge shares.If the return value is controllable, how is it used and how can it go wrong? N/A.
What happens if it reverts, reenters or does other unusual control flow? N/A.