Assessment reports>Nukem Loans>Threat Model>safeTransfer

Function: safeTransfer(IERC20 token, address to, uint256 value)

This allows performing of a safe transfer of tokens. If the token is ETH, then the value is transferred to the address. If the token is not ETH, then the value is transferred from the contract to the address.

Inputs

  • token

    • Control: Controlled by calling function.

    • Constraints: Has to be either a valid IERC20 or native ETH.

    • Impact: The token to be transferred.

  • to

    • Control: Controlled by calling function.

    • Constraints: Must be a valid address.

    • Impact: The address to receive the tokens.

  • value

    • Control: Controlled by calling function.

    • Constraints: None; presumably the calling function will do the checks.

    • Impact: The amount of tokens to be transferred.

Branches and code coverage (including function calls)

Intended branches

  • Assume that to is entitled the value and that the contract has enough balance to transfer.

  • Assume that higher-level calling function will check that the to does not receive more than they deserve.

Negative behavior

  • Should not allow receiving ETH if the token is not ETH. Currently not checked.

Zellic © 2024Back to top ↑