Assessment reportsPublic findings
Back to Zellic siteBack
Assessment reports>Ostium>Threat Model>delegatedAction
GeneralOverview
Findings
Critical (2)
High (3)
Medium (6)
Low (6)
Informational (2)
DiscussionRemoval of trading pairs is not supportedIncorrect last updated block number for TP and SLTradeUtils used as a library for address
Threat ModelWhat are threat models?
Delegatable.soldelegatedActionremoveDelegatesetDelegate
OstiumOpenPnl.solOstiumTrading.solOstiumVault.sol
Audit ResultsSummary

Function: delegatedAction(address trader, bytes call_data)

Called by a delegate to call a function on behalf of a trader who has delegated to them.

Inputs

  • trader

    • Control: Arbitrary.

    • Constraints: Must have delegated to the sender.

    • Impact: Used as the sender for Trading functions.

  • call_data

    • Control: Arbitrary.

    • Constraints: None.

    • Impact: Call data for Trading function call.

Function call analysis

  • Delegatable is only inherited by OstiumTrading.

  • So, the function executed by the delegatecall frame must be a function in OstiumTrading.

  • No function in Initializable or Delegatable calls _msgSender(), so they behave the same as if they were called directly by the user.

  • Most external functions in OstiumTrading read from _msgSender() to allow for delegation.

  • If delegatedAction calls itself, the actual sender is checked to authorize delegation, not the delegated sender. So, a nested call can only occur when both targets directly have delegated to the caller. Since only one call can be made, the nested senderOverride change from the first target to the second target does not have any effect that can persist past the end of the call.

Zellic © 2025Back to top ↑