Function: investWithToken(InvestQuoteData quoteData)
Allows users to invest in accepted ERC-20 tokens and receive lovToken in return.
Inputs
quoteData.fromToken
Constraints: There are no constraints here. But the address is validated inside the
_depositIntoReserves
function of the OrigamiLovTokenManager contract (_manager.investWithToken(msg.sender, quoteData)
->_depositIntoReserves
). IffromToken
is equal to thedepositAsset
, thendepositAsset
will be deposited to the_reserveToken
. IffromToken
is equal to the_reserveToken
, then its tokens are already deposited for the_manager
contract; otherwise, the function will revert.Impact: The token that will be invested.
quoteData.fromTokenAmount
Constraints: Cannot be zero.
Impact: The caller transfers the
fromTokenAmount
of approved ERC-20 tokens to the OrigamiLovTokenManager contract.
quoteData.maxSlippageBps
Constraints: Is not used and is not validated.
Impact: The maximum allowed slippage of the
expectedInvestmentAmount
.
quoteData.deadline
Constraints: Is not used and is not validated.
Impact: The maximum deadline to execute the transaction.
quoteData.expectedInvestmentAmount
Constraints: Is not used and is not validated.
Impact: The expected amount of this lovToken token to receive in return.
quoteData.minInvestmentAmount
Constraints: There is a check inside
_manager.investWithToken(msg.sender, quoteData)
thatinvestmentAmount
is not less thanquoteData.minInvestmentAmount
.Impact: The minimum amount of lovTokens to receive.
quoteData.underlyingInvestmentQuoteData
Constraints: Is not used and is not validated.
Impact: Extra quote parameters.
Branches and code coverage
Intended branches
The expected amount of lovTokens was minted for the
msg.sender
.
Negative behavior
quoteData.fromToken
is not a trusted contract.The caller does not own enough
fromToken
tokens.quoteData.fromTokenAmount
is zero
Function call analysis
SafeERC20.safeTransferFrom(IERC20(quoteData.fromToken), msg.sender, address(_manager), quoteData.fromTokenAmount)
What is controllable?
quoteData.fromToken
andquoteData.fromTokenAmount
.If the return value is controllable, how is it used and how can it go wrong? No return value.
What happens if it reverts, reenters or does other unusual control flow? Can revert if
msg.sender
does not have enoughfromToken
to transfer. The functioninvestWithToken
has a nonreentrant modifier.
_manager.investWithToken(msg.sender, quoteData)
What is controllable?
quoteData
.If the return value is controllable, how is it used and how can it go wrong? The function returns the number of lovTokens that will be minted for the caller. The
investmentAmount
is not less thanquoteData.minInvestmentAmount
.What happens if it reverts, reenters or does other unusual control flow? The
_manager
is a trusted contract that is not controlled by the caller.