Assessment reports>Cove>Threat Model>claimTreasuryFee

Function: claimTreasuryFee(address basketToken)

This function is used to claim the treasury fee for a given basket token.

Inputs

  • basketToken

    • Control: Fully controlled by the protocol treasury or admin.

    • Constraints: basketToken must have the _BASKET_TOKEN_ROLE role.

    • Impact: The basket token to claim the treasury fee for.

Branches and code coverage

Intended branches

  • Update claimableTreasuryFees for the given basketToken with zero.

  • Call BasketToken(basketToken).proRataRedeem(fee, protocolTreasury, address(this)).

Negative behavior

  • Revert if caller is not the protocol treasury or not an admin.

  • Revert if basketToken does not have the _BASKET_TOKEN_ROLE role.

Function call analysis

  • this._checkIfBasketToken(basketToken) -> this._basketManager.hasRole(FeeCollector._BASKET_TOKEN_ROLE, token)

    • What is controllable? basketToken.

    • If the return value is controllable, how is it used and how can it go wrong? N/A.

    • What happens if it reverts, reenters or does other unusual control flow? N/A.

  • BasketToken(basketToken).proRataRedeem(fee, this.protocolTreasury, address(this))

    • What is controllable? basketToken.

    • If the return value is controllable, how is it used and how can it go wrong? N/A.

    • What happens if it reverts, reenters or does other unusual control flow? N/A.

Zellic © 2025Back to top ↑