Origami Finance threat model: investWithToken

Function: investWithToken(InvestQuoteData quoteData)

Allows users to invest in accepted ERC-20 tokens and receive lovToken in return.

Inputs

  • quoteData.fromToken

    • Constraints: None are enforced here. The address is validated inside the _depositIntoReserves function of the OrigamiLovTokenManager contract (_manager.investWithToken(msg.sender, quoteData) -> _depositIntoReserves): if fromToken is equal to the depositAsset, the depositAsset is deposited into the _reserveToken; if fromToken is equal to the _reserveToken, the tokens are already deposited for the _manager contract; otherwise the function reverts.

    • Impact: The token that will be invested.

  • quoteData.fromTokenAmount

    • Constraints: Cannot be zero.

    • Impact: The caller transfers the fromTokenAmount of approved ERC-20 tokens to the OrigamiLovTokenManager contract.

  • quoteData.maxSlippageBps

    • Constraints: Is not used and is not validated.

    • Impact: The maximum allowed slippage of the expectedInvestmentAmount.

  • quoteData.deadline

    • Constraints: Is not used and is not validated.

    • Impact: The maximum deadline to execute the transaction.

  • quoteData.expectedInvestmentAmount

    • Constraints: Is not used and is not validated.

    • Impact: The expected amount of this lovToken to receive in return.

  • quoteData.minInvestmentAmount

    • Constraints: There is a check inside _manager.investWithToken(msg.sender, quoteData) that investmentAmount is not less than quoteData.minInvestmentAmount.

    • Impact: The minimum amount of lovTokens to receive.

  • quoteData.underlyingInvestmentQuoteData

    • Constraints: Is not used and is not validated.

    • Impact: Extra quote parameters.

Branches and code coverage

Intended branches

  • The expected amount of lovTokens was minted for the msg.sender.

Negative behavior

  • quoteData.fromToken is not a trusted contract.

  • The caller does not own enough fromToken tokens.

  • quoteData.fromTokenAmount is zero.

Function call analysis

  • SafeERC20.safeTransferFrom(IERC20(quoteData.fromToken), msg.sender, address(_manager), quoteData.fromTokenAmount)

    • What is controllable? quoteData.fromToken and quoteData.fromTokenAmount.

    • If the return value is controllable, how is it used and how can it go wrong? No return value.

    • What happens if it reverts, reenters or does other unusual control flow? Can revert if msg.sender does not have enough fromToken to transfer. The function investWithToken has a nonreentrant modifier.

  • _manager.investWithToken(msg.sender, quoteData)

    • What is controllable? quoteData.

    • If the return value is controllable, how is it used and how can it go wrong? The function returns the number of lovTokens that will be minted for the caller (investmentAmount), which is checked to be not less than quoteData.minInvestmentAmount.

    • What happens if it reverts, reenters or does other unusual control flow? The _manager is a trusted contract that is not controlled by the caller.
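The intended branch and the three negative behaviours above, exercised as a Foundry test against a reduced model of the call flow. This is an added example, not Origami's code or Zellic's test suite: the Token, Manager and LovToken contracts, the 1:1 minting, the revert strings and the extra minInvestmentAmount case are assumptions standing in for the real OrigamiLovTokenManager accounting.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import {Test} from "forge-std/Test.sol";
import {ERC20} from "@openzeppelin/contracts/token/ERC20/ERC20.sol";
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
// Only the fields the threat model says are enforced; the unused ones are omitted.
struct InvestQuoteData { address fromToken; uint256 fromTokenAmount; uint256 minInvestmentAmount; }
contract Token is ERC20 { // hypothetical mintable ERC-20
    constructor() ERC20("T", "T") {}
    function mint(address to, uint256 amount) external { _mint(to, amount); }
}

contract Manager { // hypothetical stand-in for OrigamiLovTokenManager: depositAsset only, mints 1:1
    address public immutable depositAsset;
    constructor(address asset) { depositAsset = asset; }
    function investWithToken(address, InvestQuoteData calldata q) external view returns (uint256 amt) {
        require(q.fromToken == depositAsset, "fromToken not accepted"); // _depositIntoReserves check
        amt = q.fromTokenAmount;
        require(amt >= q.minInvestmentAmount, "min investment not met"); // slippage floor
    }
}

contract LovToken { // hypothetical lovToken entry point, mirrors the call order on the page
    using SafeERC20 for IERC20;
    Manager public immutable manager;
    mapping(address => uint256) public balanceOf;
    uint256 private lock;
    modifier nonReentrant() { require(lock == 0, "reentrant"); lock = 1; _; lock = 0; }
    constructor(Manager m) { manager = m; }
    function investWithToken(InvestQuoteData calldata q) external nonReentrant returns (uint256 amt) {
        require(q.fromTokenAmount != 0, "zero amount");
        IERC20(q.fromToken).safeTransferFrom(msg.sender, address(manager), q.fromTokenAmount);
        amt = manager.investWithToken(msg.sender, q);
        balanceOf[msg.sender] += amt; // stand-in for minting lovTokens
    }
}

contract InvestWithTokenTest is Test {
    Token dep; Token other; LovToken lov; address alice = address(0xA11CE);
    function setUp() public {
        dep = new Token(); other = new Token(); lov = new LovToken(new Manager(address(dep)));
        dep.mint(alice, 100e18); other.mint(alice, 100e18);
        vm.startPrank(alice); dep.approve(address(lov), type(uint256).max); other.approve(address(lov), type(uint256).max); vm.stopPrank();
    }
    function q(address t, uint256 amt, uint256 min) internal pure returns (InvestQuoteData memory) { return InvestQuoteData(t, amt, min); }
    function test_intended_mintsExpected() public { vm.prank(alice); assertEq(lov.investWithToken(q(address(dep), 10e18, 10e18)), 10e18); assertEq(lov.balanceOf(alice), 10e18); }
    function test_untrustedFromToken() public { vm.prank(alice); vm.expectRevert(bytes("fromToken not accepted")); lov.investWithToken(q(address(other), 1e18, 0)); }
    function test_insufficientBalance() public { vm.prank(alice); vm.expectRevert(); lov.investWithToken(q(address(dep), 1000e18, 0)); }
    function test_zeroAmount() public { vm.prank(alice); vm.expectRevert(bytes("zero amount")); lov.investWithToken(q(address(dep), 0, 0)); }
    function test_belowMinInvestment() public { vm.prank(alice); vm.expectRevert(bytes("min investment not met")); lov.investWithToken(q(address(dep), 10e18, 11e18)); }
}
```

The untrusted-token case shows the ordering the analysis describes: the safeTransferFrom succeeds first and the revert only comes from the manager's validation, so the whole transaction is rolled back.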

Zellic © 2025