Assessment reports>Definitive>Threat Model>deposit

Function: deposit(uint256 assets, address receiver)

This mints vault shares to the receiver by depositing exactly the amount of underlying tokens.

Inputs

  • assets

    • Control: Full.

    • Constraints: The assets needs to be less than the maximum amount of the underlying asset that can be deposited into the vault for the receiver, through a deposit call (assets < maxDeposit(receiver)).

    • Impact: Assets to be deposited.

  • receiver

    • Control: Full.

    • Constraints: Needs to be a valid, nonzero address.

    • Impact: Address to receive vault shares.

Branches and code coverage (including function calls)

Intended branches

  • Should successfully mint shares when depositing with LP tokens.

  • Should return the correct result for previewDeposit() with zero outstanding shares.

  • Should return the correct result for previewDeposit() when there are outstanding share.

  • Should return MAX_UINT_256 for maxDeposit().

Negative behavior

  • deposit() should revert when in safe harbor mode.

  • previewDeposit() should not revert when in safe harbor mode.

  • maxDeposit() should not revert when in safe harbor mode.

Function call analysis

  • rootFunction -> maxDeposit(address)

    • What is controllable? N/A.

    • If return value controllable, how is it used and how can it go wrong? N/A.

    • What happens if it reverts, reenters, or does other unusual control flow? N/A.

  • rootFunction -> previewDeposit(uint256)

    • What is controllable? N/A.

    • If return value controllable, how is it used and how can it go wrong? N/A.

    • What happens if it reverts, reenters, or does other unusual control flow? N/A.

Zellic © 2025Back to top ↑