Assessment reportsPublic findings
Back to Zellic site
Assessment reports>GTE>Threat Model>clobWithdraw
GeneralOverview
Findings
Critical (2)
Medium (1)
Low (2)
Informational (1)
DiscussionThe executeRoute does not revert on unsupported function selector
Threat ModelWhat are threat models?Launchpad.sol
MegaRouterFacet.solclobCancelclobDepositclobPostLimitOrderclobWithdrawexecuteRoute
Audit ResultsAssessment Results

Function: clobWithdraw(address token, uint256 amount)

This function allows withdrawing the specified amount of token from the CLOBManager contract, given that it has been previously deposited. The caller of the function will receive the withdrawn tokens.

Inputs

  • token

    • Control: Full control.

    • Constraints: CLOBManager allows to deposit and withdraw arbitrary tokens.

    • Impact: The address of the token will be withdrawn from the CLOBManager contract.

  • amount

    • Control: Full control.

    • Constraints: There are no constraints here. However, withdraw verifies that amount cannot be more than the user's balance.

    • Impact: The amount of tokens will be withdrawn from the CLOBManager.

Branches and code coverage

Intended branches

  • Tokens have been sucessfully withdrawn.

Negative behavior

  • The caller has not deposited any tokens.

  • The amount exceeds the caller’s balance in the CLOBManager.

Function call analysis

  • this.clobFactory.withdraw(msg.sender, token, amount, False)

    • What is controllable? token and amount.

    • If the return value is controllable, how is it used and how can it go wrong? There are no return values here.

    • What happens if it reverts, reenters or does other unusual control flow? There are no problems here.

Zellic © 2025Back to top ↑