
Function: finalizeERC20Withdrawal(address _l1Token, address _l2Token, address _from, address _to, uint256 _amount, byte[] _data)

Finalizes withdrawal of an ERC-20 token from L2 to L1.

Inputs

  • _l1Token

    • Control: User.

    • Constraints: Discarded.

    • Impact: Determines which token is withdrawn.

  • _l2Token

    • Control: User.

    • Constraints: Discarded.

    • Impact: Address of the L2 ERC-20 that corresponds to the L1 token.

  • _from

    • Control: User.

    • Constraints: Discarded.

    • Impact: The address from which the tokens are transferred.

  • _to

    • Control: User.

    • Constraints: Discarded.

    • Impact: The destination address for the transferred tokens.

  • _amount

    • Control: User.

    • Constraints: Discarded.

    • Impact: Amount of the ERC-20 to withdraw.

  • _data

    • Control: User.

    • Constraints: Discarded.

    • Impact: Optional data.

Branches and code coverage (including function calls)

Intended branches

  • Successfully withdraws if all conditions are met.

Negative behavior

  • Reverts if called from a non-crossDomainMessenger L1 account.

  • Reverts if called from the right crossDomainMessenger but wrong xDomainMessageSender.

Function call analysis

  • finalizeERC20Withdrawal -> IERC20(_l1Token).safeTransfer(_to, _amount)

    • What is controllable? _l1Token, _to, and _amount.

    • If the return value is controllable, how is it used and how can it go wrong? Discarded.

    • What happens if it reverts, reenters, or does other unusual control flow? Discarded.

Zellic © 2024