Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Nukem Loans>Threat Model>create
GeneralOverview
Findings
Critical (3)
High (3)
Medium (2)
Low (1)
DiscussionInitializer called in constructorBorrowing on behalf of the Market contractPotential storage-collision issueSaferERC20 additional checksEIP-712 implementationMarket setters should only be called onceUtilizing eth-brownie for testingCentralizationAMM oracle pricing
Threat ModelWhat are threat models?AbstractSwapper.solAuctions.solCollateral.solCredit.solDebt.solEIP712.solERC20Base.solERC20Permit.solEnFi4626.solLendingStrategy.solMarket.sol
ProxyManager.solcreatesetImplementationupgradeContract
Roles.solSaferERC20.solUniswapV2Swapper.sol
Audit ResultsSummary

Function: create(byte[32] implementation_id, bytes[32] init_data, bytes[32] salt)

This allows the creation of clones of a master contract.

Inputs

  • implementation_id

    • Control: Fully controlled by owner

    • Constraints: Assumed to be a valid implementation.

    • Impact: Allows the owner to create clones of the implementation.

  • init_data

    • Control: Fully controlled by owner.

    • Constraints: None.

    • Impact: The owner can pass arbitrary data to the initializer of the clone.

  • salt

    • Control: Fully controlled by owner.

    • Constraints: None.

    • Impact: The salt used for the CREATE2 opcode for deploying the clone.

Branches and code coverage (including function calls)

Intended branches

  • Ensure that the master contract being cloned is a valid contract.

  • Add the clone to the list of instances.

  • Set the reverse mapping of the clone to the implementation ID.

  • Bootstrap the clone.

  • Initialize the clone.

Negative behavior

  • Should not allow anyone other than the owner to create clones.

  • Should not allow the creation of clones of nonexistent implementations.

Zellic © 2023Back to top ↑