Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Mantle>Threat Models>defundContract
GeneralOverview
Findings
High (1)
Low (1)
Informational (2)
DiscussionCentralization riskOwnership transfer
Threat ModelsWhat are threat models?L1MantleToken.solL1StandardBridge.solL2StandardBridge.sol
MantleTokenMigrator.soldefundContractfallbackhaltContractmigrateAllBITmigrateBITreceivesetTreasurysweepTokenstransferOwnershipunhaltContract
Audit ResultsSummary

Function: defundContract(address _tokenAddress, uint256 _amount)

Defunds the contract.

Inputs

  • _tokenAddress

    • Control: Full.

    • Constraints: Needs to be either BIT_TOKEN_ADDRESS or MNT_TOKEN_ADDRESS.

    • Impact: The valid address of the token to be defunded.

  • _amount

    • Control: Full.

    • Constraints: Needs to be less than or equal to the full amount available in the contract.

    • Impact: The amount to be defunded.

Branches and code coverage (including function calls)

Intended branches

  • Successfully defunds the contract if all conditions are met.

Negative behavior

  • Reverts if the contract is not sufficiently funded as _amount.

  • Reverts if a nonowner address attempts to fund the contract.

  • Reverts if the contract attempts to defund invalid tokens.

Function call analysis

  • defundContract -> ERC20(_tokenAddress).safeTransfer(treasury, _amount)

    • What is controllable? _tokenAddress and _amount.

    • If return value controllable, how is it used and how can it go wrong? Discarded.

    • What happens if it reverts, reenters, or does other unusual control flow? Discarded.

Zellic © 2024Back to top ↑