Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Nukem Loans>Threat Model>safeTransfer
GeneralOverview
Findings
Critical (3)
High (3)
Medium (2)
Low (1)
DiscussionInitializer called in constructorBorrowing on behalf of the Market contractPotential storage-collision issueSaferERC20 additional checksEIP-712 implementationMarket setters should only be called onceUtilizing eth-brownie for testingCentralizationAMM oracle pricing
Threat ModelWhat are threat models?AbstractSwapper.solAuctions.solCollateral.solCredit.solDebt.solEIP712.solERC20Base.solERC20Permit.solEnFi4626.solLendingStrategy.solMarket.solProxyManager.solRoles.sol
SaferERC20.solsafeTransfersafeTransferToSelf
UniswapV2Swapper.sol
Audit ResultsSummary

Function: safeTransfer(IERC20 token, address to, uint256 value)

This allows performing of a safe transfer of tokens. If the token is ETH, then the value is transferred to the address. If the token is not ETH, then the value is transferred from the contract to the address.

Inputs

  • token

    • Control: Controlled by calling function.

    • Constraints: Has to be either a valid IERC20 or native ETH.

    • Impact: The token to be transferred.

  • to

    • Control: Controlled by calling function.

    • Constraints: Must be a valid address.

    • Impact: The address to receive the tokens.

  • value

    • Control: Controlled by calling function.

    • Constraints: None; presumably the calling function will do the checks.

    • Impact: The amount of tokens to be transferred.

Branches and code coverage (including function calls)

Intended branches

  • Assume that to is entitled the value and that the contract has enough balance to transfer.

  • Assume that higher-level calling function will check that the to does not receive more than they deserve.

Negative behavior

  • Should not allow receiving ETH if the token is not ETH. Currently not checked.

Zellic © 2023Back to top ↑