Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Cove>Threat Model>setBitFlag
GeneralOverview
Findings
Critical (2)
High (3)
Medium (2)
Low (1)
Informational (1)
DiscussionTransparent intent of redeemal might lead to unintended consequencesShares can round down to zeroWeights can pass uncheckedDenial-of-service risk where attackers can disrupt rebalance process with BasketManagerUtils.completeRebalance() functionality
Threat ModelWhat are threat models?AnchoredOracle.solAssetRegistry.solBasketManagerUtils.sol
BasketToken.solcancelDepositRequestcancelRedeemRequestclaimFallbackSharesclaimFallbackSharesdepositdepositfallbackRedeemTriggerfulfillDepositfulfillRedeemmintmintprepareForRebalanceproRataRedeemredeemrequestDepositrequestRedeemsetBitFlagsetOperatorwithdraw
CoWSwapAdapter.solCoWSwapClone.solFeeCollector.solManagedWeightStrategy.sol
Audit ResultsAssessment Results

Function: setBitFlag(uint256 bitFlag_)

This function allows the basket manager to set a new bit flag for this basket.

Inputs

  • bitFlag_

    • Control: Fully controlled by the basket manager.

    • Constraints: None at this level.

    • Impact: The new bit flag for this basket.

Branches and code coverage

Intended branches

  • Update bitFlag to a new value.

Negative behavior

  • Revert if the caller is not the basket manager.

Zellic © 2025Back to top ↑