Zellic - Audit Reports

Assessment reports Public findings

Back to Zellic site

Assessment reports>Euler>Threat Models>Function: claimAndAgreeToTerms(byte[32] acceptanceToken, uint256 index, TokenAmount tokenAmounts, byte[32] proof)

GeneralOverview

Findings

Informational (2)

Threat ModelsWhat are threat models?

EulerClaims.sol Function: claimAndAgreeToTerms(byte[32] acceptanceToken, uint256 index, TokenAmount tokenAmounts, byte[32] proof)

Audit ResultsSummary

Function: `claimAndAgreeToTerms(byte[32] acceptanceToken, uint256 index, TokenAmount tokenAmounts, byte[32] proof)`

Used by users to claim their redemption tokens.

Inputs

acceptanceToken
- Control: Fully controlled.
- Constraints: Must be a hash of the user's address concatenated with a preset terms and conditions hash.
- Impact: Reverts if this is not correct.
index
- Control: Fully controlled.
- Constraints: Used to verify the Merkle proof, so it cannot be forged.
- Impact: Reverts if forged.
tokenAmounts
- Control: Fully controlled.
- Constraints: Used to verify the Merkle proof, so it cannot be forged.
- Impact: Reverts if forged.
proof
- Control: Fully controlled.
- Constraints: The proof that the other inputs are verified against. Cannot be forged as it is used to get back to the Merkle root.
- Impact: Reverts if forged.

Branches and code coverage (including function calls)

Intended branches

Simple Merkle tree works correctly.
Test coverage
Large Merkle tree works correctly.
Test coverage

Negative behavior

Reverts if terms and conditions were not accepted.
Negative test
Reverts if an invalid proof is passed in.
Negative test
Reverts if an invalid index is passed in.
Negative test
Reverts if the user claiming the tokens is not eligible to them.
Negative test
Reverts if tokenAmounts is forged or tampered with.
Negative test

Zellic © 2024Back to top ↑