Function: settleIncomingOrder(SettleParams params)

This function allows a trusted market contract, created by the contract owner through the createMarket function, to perform account settlement.

Inputs

  • params

    • Control: Full control.

    • Constraints: N/A.

    • Impact: Contains the taker address, quoteToken and baseToken, the side (BUY or SELL), the settlement type, takerQuoteAmount and takerBaseAmount, and the makerCredits information.

Branches and code coverage

Intended branches

  • the side is Side.BUY, the takerFee is equal to the expected fee.

  • the side is Side.SELL, the takerFee is equal to the expected fee.

  • the settlement is INSTANT and Side.side is BUY, the expected amount of the quoteToken has been transferred to the contract from the taker.

  • the settlement is INSTANT and Side.side is BUY, the expected amount of the baseToken has been transferred to the taker.

  • the settlement is INSTANT and Side.side is SELL, the expected amount of the baseToken has been transferred to the contract from the taker.

  • the settlement is INSTANT and Side.side is SELL, the expected amount of the quoteToken has been transferred to the taker.

  • the settlement is ACCOUNT and Side.side is BUY, the expected amount of the quoteToken has been debited from the taker balance.

  • the settlement is ACCOUNT and Side.side is BUY, the expected amount of the baseToken has been credited to the taker balance.

  • the settlement is ACCOUNT and Side.side is SELL, the expected amount of the baseToken has been debited from the taker balance.

  • the settlement is ACCOUNT and Side.side is SELL, the expected amount of the quoteToken has been credited to the taker balance.

Negative behavior

  • The caller is not a trusted market.

Function call analysis

  • FeeDataLib.getTakerFee(ds.feeData, this.takerFees, params.taker, params.takerBaseAmount)

    • What is controllable? params.taker and params.takerBaseAmount.

    • If the return value is controllable, how is it used and how can it go wrong? Returns the fee amount charged to the taker based on the takerBaseAmount. The fee for the account depends on the FeeTiers index, which is set by the owner. By default, this is the ZERO index.

    • What happens if it reverts, reenters or does other unusual control flow? There are no problems here.

  • FeeDataLib.accrueFee(ds.feeData, params.baseToken, takerFee)

    • What is controllable? params.baseToken.

    • If the return value is controllable, how is it used and how can it go wrong? This function does not return a value.

    • What happens if it reverts, reenters or does other unusual control flow? There are no problems here.

  • FeeDataLib.getTakerFee(ds.feeData, this.takerFees, params.taker, params.takerQuoteAmount)

    • What is controllable? params.taker and params.takerQuoteAmount.

    • If the return value is controllable, how is it used and how can it go wrong? Returns the fee amount charged to the taker based on the takerQuoteAmount. The fee for the account depends on the FeeTiers index, which is set by the owner. By default, this is the ZERO index.

    • What happens if it reverts, reenters or does other unusual control flow? There are no problems here.

  • FeeDataLib.accrueFee(ds.feeData, params.quoteToken, takerFee)

    • What is controllable? params.baseToken.

    • If the return value is controllable, how is it used and how can it go wrong? This function does not return a value.

    • What happens if it reverts, reenters or does other unusual control flow? There are no problems here.

  • SafeTransferLib.safeTransferFrom(params.quoteToken, params.taker, address(this), params.takerQuoteAmount)

    • What is controllable? params.quoteToken, params.taker, and params.takerQuoteAmount.

    • If the return value is controllable, how is it used and how can it go wrong? This function does not return a value.

    • What happens if it reverts, reenters or does other unusual control flow? Transfers takerQuoteAmount from the taker account if the side is BUY, representing the payment for filling the order.

  • SafeTransferLib.safeTransfer(params.baseToken, params.taker, params.takerBaseAmount)

    • What is controllable? params.baseToken, params.taker, and params.takerBaseAmount.

    • If the return value is controllable, how is it used and how can it go wrong? This function does not return a value.

    • What happens if it reverts, reenters or does other unusual control flow? Transfers takerBaseAmount to the taker account if the side is BUY, representing the proceeds from filling the order.

  • SafeTransferLib.safeTransferFrom(params.baseToken, params.taker, address(this), params.takerBaseAmount)

    • What is controllable? params.baseToken, params.taker, and params.takerBaseAmount.

    • If the return value is controllable, how is it used and how can it go wrong? This function does not return a value.

    • What happens if it reverts, reenters or does other unusual control flow? Transfers takerBaseAmount from the taker account if the side is SELL, representing the payment for filling the order.

  • SafeTransferLib.safeTransfer(params.quoteToken, params.taker, params.takerQuoteAmount)

    • What is controllable? params.quoteToken, params.taker, and params.takerQuoteAmount.

    • If the return value is controllable, how is it used and how can it go wrong? This function does not return a value.

    • What happens if it reverts, reenters or does other unusual control flow? Transfers takerQuoteAmount to the taker account if the side is SELL, representing the proceeds from filling the order.

  • CLOBManagerStorageLib.debitAccount(ds, params.taker, params.quoteToken, params.takerQuoteAmount)

    • What is controllable? params.taker, params.quoteToken, and params.takerQuoteAmount.

    • If the return value is controllable, how is it used and how can it go wrong? This function does not return a value.

    • What happens if it reverts, reenters or does other unusual control flow? Decreases the internal account balance by the specified takerQuoteAmount and reverts if the balance is insufficient.

  • CLOBManagerStorageLib.creditAccount(ds, params.taker, params.baseToken, params.takerBaseAmount)

    • What is controllable? params.taker, params.baseToken, and params.takerBaseAmount.

    • If the return value is controllable, how is it used and how can it go wrong? This function does not return a value.

    • What happens if it reverts, reenters or does other unusual control flow? Increases the internal account balance by the specified takerBaseAmount.

  • CLOBManagerStorageLib.debitAccount(ds, params.taker, params.baseToken, params.takerBaseAmount)

    • What is controllable? params.taker, params.baseToken, and params.takerBaseAmount.

    • If the return value is controllable, how is it used and how can it go wrong? This function does not return a value.

    • What happens if it reverts, reenters or does other unusual control flow? Decreases the internal account balance by the specified takerBaseAmount and reverts if the balance is insufficient.

  • CLOBManagerStorageLib.creditAccount(ds, params.taker, params.quoteToken, params.takerQuoteAmount)

    • What is controllable? params.taker, params.quoteToken, and params.takerQuoteAmount.

    • If the return value is controllable, how is it used and how can it go wrong? This function does not return a value.

    • What happens if it reverts, reenters or does other unusual control flow? Increases the internal account balance by the specified takerQuoteAmount.

  • this._settleMakerFill(params.quoteToken, params.baseToken, params.makerCredits, params.side) -> FeeDataLib.getMakerFee(ds.feeData, this.makerFees, credit.maker, credit.quoteAmount)

    • What is controllable? credit.maker and credit.quoteAmount.

    • If the return value is controllable, how is it used and how can it go wrong? Returns the fee amount charged to the maker based on the quoteAmount. The fee for the account depends on the FeeTiers index, which is set by the owner. By default, this is the ZERO index.

    • What happens if it reverts, reenters or does other unusual control flow? There are no problems here.

  • this._settleMakerFill(params.quoteToken, params.baseToken, params.makerCredits, params.side) -> FeeDataLib.accrueFee(ds.feeData, quoteToken, makerFee)

    • What is controllable? quoteToken.

    • If the return value is controllable, how is it used and how can it go wrong? This function does not return a value.

    • What happens if it reverts, reenters or does other unusual control flow? There are no problems here. However, the fee is charged only when the clobSide is BUY, so the maker side is SELL, and credit.quoteAmount is greater than zero. If credit.baseAmount is greater than zero instead, the maker order has expired, so the fee should not be charged and the maker will get the full refund.

  • this._settleMakerFill(params.quoteToken, params.baseToken, params.makerCredits, params.side) -> FeeDataLib.getMakerFee(ds.feeData, this.makerFees, credit.maker, credit.baseAmount)

    • What is controllable? credit.maker and credit.quoteAmount.

    • If the return value is controllable, how is it used and how can it go wrong? Returns the fee amount charged to the maker based on the baseAmount. The fee for the account depends on the FeeTiers index, which is set by the owner. By default, this is the ZERO index.

    • What happens if it reverts, reenters or does other unusual control flow? There are no problems here.

  • this._settleMakerFill(params.quoteToken, params.baseToken, params.makerCredits, params.side) -> FeeDataLib.accrueFee(ds.feeData, baseToken, makerFee)

    • What is controllable? baseToken.

    • If the return value is controllable, how is it used and how can it go wrong? This function does not return a value.

    • What happens if it reverts, reenters or does other unusual control flow? There are no problems here. However, the fee is charged only when the clobSide is SELL, so the maker side is BUY, and credit.baseAmount is greater than zero. If credit.quoteAmount is greater than zero instead, the maker order has expired, so the fee should not be charged and the maker will get the full refund.

  • this._settleMakerFill(params.quoteToken, params.baseToken, params.makerCredits, params.side) -> CLOBManagerStorageLib.creditAccount(ds, credit.maker, quoteToken, credit.quoteAmount)

    • What is controllable? credit.maker and credit.quoteAmount.

    • If the return value is controllable, how is it used and how can it go wrong? This function does not return a value.

    • What happens if it reverts, reenters or does other unusual control flow? Increases the internal account balance by the specified quoteAmount.

  • this._settleMakerFill(params.quoteToken, params.baseToken, params.makerCredits, params.side) -> CLOBManagerStorageLib.creditAccount(ds, credit.maker, baseToken, credit.baseAmount)

    • What is controllable? credit.maker and credit.baseAmount.

    • If the return value is controllable, how is it used and how can it go wrong? This function does not return a value.

    • What happens if it reverts, reenters or does other unusual control flow? Increases the internal account balance by the specified baseAmount.
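
The ACCOUNT-settlement branches, the trusted-market check and the maker-fee rule listed above, written as an added Python reference model for differential testing; it is not GTE's or Zellic's code. Assumptions: a single flat basis-point rate per role instead of owner-set fee tiers, fees deducted from the credited amount, hypothetical class and method names, and no modelling of INSTANT token transfers.

```python
from collections import defaultdict

BPS = 10_000

class Revert(Exception):
    """Stands in for an EVM revert."""

class SettlementModel:
    # Assumptions: one flat basis-point rate per role (the contract uses
    # owner-set fee tiers) and fees deducted from the credited amount.
    def __init__(self, taker_bps, maker_bps, trusted_markets):
        self.trusted = set(trusted_markets)  # markets made via createMarket
        self.bal = defaultdict(int)          # (account, token) -> balance
        self.fees = defaultdict(int)         # token -> accrued fees
        self.taker_bps, self.maker_bps = taker_bps, maker_bps

    def settle_incoming_order(self, caller, taker, quote, base, side,
                              taker_quote, taker_base, maker_credits):
        if caller not in self.trusted:
            raise Revert("caller is not a trusted market")
        # BUY: taker pays quote and receives base; SELL is the mirror image.
        pay, recv = (quote, taker_quote), (base, taker_base)
        if side == "SELL":
            pay, recv = recv, pay
        # Debit before any other write so a revert leaves the model unchanged.
        if self.bal[taker, pay[0]] < pay[1]:
            raise Revert("insufficient balance")
        self.bal[taker, pay[0]] -= pay[1]
        fee = recv[1] * self.taker_bps // BPS   # fee in the token received
        self.fees[recv[0]] += fee
        self.bal[taker, recv[0]] += recv[1] - fee
        for maker, quote_amt, base_amt in maker_credits:
            self._settle_maker_fill(maker, quote, base, quote_amt, base_amt, side)
        return fee

    def _settle_maker_fill(self, maker, quote, base, quote_amt, base_amt, side):
        # Taker BUY -> maker sold: the fill proceeds are the quote leg and carry
        # the fee; a base leg is an expired-order refund, credited in full.
        fee_on_quote = side == "BUY"
        fee = (quote_amt if fee_on_quote else base_amt) * self.maker_bps // BPS
        self.fees[quote if fee_on_quote else base] += fee
        self.bal[maker, quote] += quote_amt - (fee if fee_on_quote else 0)
        self.bal[maker, base] += base_amt - (0 if fee_on_quote else fee)
```

Running the same constructed parameters through the model and through the contract's test suite gives an expected value for each intended branch, including the expired-maker refund that must not accrue a fee.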

Zellic © 2025