Assessment reports>Perennial>Threat Model>_update

Function: _update(IMarket market, UFixed6 newMaker, UFixed6 newLong, UFixed6 newShort, Fixed6 collateral, bool wrap)

Calls market.update with msg.sender as the account and the specified arguments. Optionally routes and optionally wraps tokens to send to market or receive from market.

Inputs

  • market

    • Control: Arbitrary.

    • Constraints: None.

    • Impact: Contract makes a call to market.update with some attacker-controlled arguments.

  • newMaker

    • Control: Arbitrary.

    • Constraints: None.

    • Impact: Argument to market.update call.

  • newLong

    • Control: Arbitrary.

    • Constraints: None.

    • Impact: Argument to market.update call.

  • newShort

    • Control: Arbitrary.

    • Constraints: None.

    • Impact: Argument to market.update call.

  • collateral

    • Control: Arbitrary.

    • Constraints: None.

    • Impact: Argument to market.update call.

  • wrap

    • Control: Arbitrary.

    • Constraints: None.

    • Impact: Whether DSU is used directly or USDC is used with this function wrapping/unwrapping it.

Function call analysis

  • _update -> _deposit -> USDC.pull(msg.sender, amount) and DSU.pull(msg.sender, amount)

    • What is controllable? Amount.

    • If return value controllable, how is it used and how can it go wrong? N/A.

    • What happens if it reverts, reenters, or does other unusual control flow? Reverts bubble up; reentrancy is fine and very unlikely for USDC and DSU underlying transferFrom.

  • _update -> _deposit -> _wrap -> reserve.mint(amount) and batcher.wrap(amount, receiver)

    • What is controllable? Amount.

    • If return value controllable, how is it used and how can it go wrong? N/A.

    • What happens if it reverts, reenters, or does other unusual control flow? Reverts bubble up; reentrancy is fine and very unlikely for reserve and batcher.
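
The properties recorded above (the account is always msg.sender, wrap selects USDC or DSU, and a failed pull reverts the whole call), as a small Python model of the control flow; this is an added example, not Perennial's code or part of the original report. Assumptions: the class names, integer amounts, a 1:1 wrap standing in for reserve.mint and batcher.wrap, and positive collateral being deposited before market.update runs; the withdrawal path is not modelled.

```python
# Constructed model of the _update deposit path; every name here is hypothetical.
class Revert(Exception):
    """Stands in for an EVM revert."""

class Token:
    def __init__(self, balances):
        self.balances = dict(balances)

    def pull(self, holder, to, amount):
        # transferFrom: fails the whole call if the holder cannot cover the amount
        if self.balances.get(holder, 0) < amount:
            raise Revert("insufficient balance")
        self.balances[holder] -= amount
        self.balances[to] = self.balances.get(to, 0) + amount

class RecordingMarket:
    """Caller-supplied market: records whatever the router passes to it."""
    def __init__(self):
        self.calls = []

    def update(self, account, new_maker, new_long, new_short, collateral):
        self.calls.append((account, new_maker, new_long, new_short, collateral))

class Router:
    ADDRESS = "router"

    def __init__(self, usdc, dsu):
        self.usdc, self.dsu = usdc, dsu

    def _wrap(self, amount):
        # Assumed 1:1 stand-in for reserve.mint / batcher.wrap: USDC in, DSU out
        self.usdc.balances[self.ADDRESS] -= amount
        self.dsu.balances[self.ADDRESS] = self.dsu.balances.get(self.ADDRESS, 0) + amount

    def _deposit(self, sender, amount, wrap):
        if wrap:
            self.usdc.pull(sender, self.ADDRESS, amount)
            self._wrap(amount)
        else:
            self.dsu.pull(sender, self.ADDRESS, amount)

    def update(self, sender, market, new_maker, new_long, new_short, collateral, wrap):
        # Assumption: positive collateral is deposited before market.update runs
        if collateral > 0:
            self._deposit(sender, collateral, wrap)
        # The account is always the caller, whichever market was supplied
        market.update(sender, new_maker, new_long, new_short, collateral)
```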

Zellic © 2025