GTE threat model: clobPostLimitOrder

Function: clobPostLimitOrder(ICLOB clob, ICLOB.PostLimitOrderArgs args)

This function forwards a call to the postLimitOrder function of the specified clob contract on behalf of the caller. The provided order is executed against the book and, if it is not fully filled, the remainder is added to the order book.

Inputs

  • clob

    • Control: Full control.

    • Constraints: No constraints.

    • Impact: The address of the contract on which the postLimitOrder function will be called.

  • args

    • Control: Full control.

    • Constraints: settlement is set to ACCOUNT.

    • Impact: Contains amountInBaseLots, priceInTicks, cancelTimestamp, side, limitOrderType, and settlement.

Branches and code coverage

Negative behavior

  • The resulting amount of tokens exceeds the caller’s balance in the CLOBManager.

Function call analysis

  • clob.postLimitOrder(msg.sender, args)

    • What is controllable? clob and args.

    • If the return value is controllable, how is it used and how can it go wrong? Return values are not used here.

    • What happens if it reverts, reenters or does other unusual control flow? There is a potential problem because the clob contract address is fully controlled by the caller. Reentrancy is possible here. For more detailed information, refer to the 3.5 finding description (ref).
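The following Solidity sketch is an added illustration of the point above and is not code from the GTE repository or from this report. It reconstructs a minimal ICLOB interface from the names on this page (the field types, the enum members other than ACCOUNT, the `isRegisteredCLOB` registry, `registerCLOB` and the `Unchecked` variant are all assumptions), then places the pattern in which the clob address comes straight from calldata next to a hardened form that only calls CLOB contracts the protocol itself registered and refuses re-entry while the external call is in flight.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Minimal reconstruction of the interface named on this page. Only the field
// names, the ACCOUNT settlement value and the postLimitOrder(account, args)
// signature come from the page; every type and the other enum member are
// placeholders chosen for this example.
interface ICLOB {
    enum Settlement { OTHER_PLACEHOLDER, ACCOUNT }

    struct PostLimitOrderArgs {
        uint256 amountInBaseLots;
        uint256 priceInTicks;
        uint32 cancelTimestamp;
        uint8 side;            // placeholder type
        uint8 limitOrderType;  // placeholder type
        Settlement settlement;
    }

    function postLimitOrder(address account, PostLimitOrderArgs calldata args) external;
}

contract Router {
    // Registry of CLOB contracts the protocol deployed. In the real system this
    // knowledge would live in the CLOBManager (assumption); here the owner
    // fills it so the example is self-contained.
    mapping(address => bool) public isRegisteredCLOB;
    address public immutable owner;

    // Simple mutex; 1 = free, 2 = an external call is in progress.
    uint256 private _locked = 1;

    error UnregisteredCLOB(address clob);
    error Reentrancy();
    error NotOwner();

    modifier nonReentrant() {
        if (_locked != 1) revert Reentrancy();
        _locked = 2;
        _;
        _locked = 1;
    }

    constructor() {
        owner = msg.sender;
    }

    function registerCLOB(address clob) external {
        if (msg.sender != owner) revert NotOwner();
        isRegisteredCLOB[clob] = true;
    }

    // The pattern analysed on this page: `clob` is taken from calldata and
    // called without any check, so the callee is whatever contract the caller
    // names, and it may call back into this router before the call returns.
    function clobPostLimitOrderUnchecked(
        ICLOB clob,
        ICLOB.PostLimitOrderArgs memory args
    ) external {
        args.settlement = ICLOB.Settlement.ACCOUNT; // the page's "settlement is set to ACCOUNT"
        clob.postLimitOrder(msg.sender, args);
    }

    // Hardened form: restrict the callee to contracts the protocol registered,
    // and hold the mutex across the external call so a callback into any
    // nonReentrant function of this router reverts.
    function clobPostLimitOrder(
        ICLOB clob,
        ICLOB.PostLimitOrderArgs memory args
    ) external nonReentrant {
        if (!isRegisteredCLOB[address(clob)]) revert UnregisteredCLOB(address(clob));
        args.settlement = ICLOB.Settlement.ACCOUNT;
        clob.postLimitOrder(msg.sender, args);
    }
}
```

The registry check is the part that removes the root cause: once the callee must be a contract the protocol deployed, the "what happens if it reenters" question reduces to auditing the protocol's own CLOB implementation rather than arbitrary code. The mutex is defence in depth for the case where a registered CLOB itself makes further external calls (for example token transfers with callbacks).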

Zellic © 2025