
Function: claimReward(address receiver)

Lets a user claim their pending rewards and transfers the claimed amounts to a receiver.

Inputs

  • receiver

    • Control: Controlled by the user.

    • Constraints: N/A.

    • Impact: The address to which the claimed rewards are sent.

Branches and code coverage (including function calls)

Intended branches

  • Successful reward claim.

Negative behavior

  • Invalid receiver address (zero address).

Function call analysis

  • claimReward -> CRV.transfer(receiver, amounts[1])

    • What is controllable? The receiver address is controllable by the user.

    • If return value controllable, how is it used and how can it go wrong? This function does not handle the return value of the transfer.

    • What happens if it reverts, reenters, or does other unusual control flow? If the transfer reverts, then the whole claimReward transaction reverts, which is appropriate if the rewards cannot be transferred.

  • CVX.transfer(receiver, amounts[2])

    • What is controllable? The receiver address is controllable by the user.

    • If return value controllable, how is it used and how can it go wrong? This function does not handle the return value of the transfer.

    • What happens if it reverts, reenters, or does other unusual control flow? If the transfer reverts, then the whole claimReward transaction reverts, which is appropriate if the rewards cannot be transferred.

  • treasury.transferAllocatedTokens(msg.sender, receiver, amounts[0])

    • What is controllable? The sender and the receiver addresses are controllable by the user.

    • If return value controllable, how is it used and how can it go wrong? The function does not handle the return value of transferAllocatedTokens.

    • What happens if it reverts, reenters, or does other unusual control flow? Similar to the transfer functions, if this call reverts, the entire transaction will revert.
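The unhandled-return-value pattern noted in the function call analysis, next to a checked form that also covers the zero-address case listed under negative behavior. This is an added Solidity example, not Prisma Finance's code; the contract, the `pending` mapping, and all function names are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Added illustration; all names here are hypothetical.
interface IERC20Like {
    function transfer(address to, uint256 amount) external returns (bool);
}

contract RewardPayoutSketch {
    IERC20Like public immutable rewardToken;    // stands in for a reward token
    mapping(address => uint256) public pending; // constructed accounting

    constructor(IERC20Like token) {
        rewardToken = token;
    }

    // Unchecked form: the bool returned by transfer is dropped. A token that
    // returns false instead of reverting leaves `pending` cleared with no payout.
    function claimUnchecked(address receiver) external {
        uint256 amount = pending[msg.sender];
        pending[msg.sender] = 0;
        rewardToken.transfer(receiver, amount);
    }

    // Checked form: reject the zero address, update state before the
    // external call, and require the transfer to report success.
    function claimChecked(address receiver) external {
        require(receiver != address(0), "receiver is zero address");
        uint256 amount = pending[msg.sender];
        pending[msg.sender] = 0;
        _safeTransfer(receiver, amount);
    }

    // Accepts tokens that return true or return nothing; reverts on a
    // reverted call, a false return value, or a target without code.
    function _safeTransfer(address to, uint256 amount) private {
        require(address(rewardToken).code.length > 0, "token has no code");
        (bool ok, bytes memory ret) = address(rewardToken).call(
            abi.encodeWithSelector(IERC20Like.transfer.selector, to, amount)
        );
        require(
            ok && (ret.length == 0 || abi.decode(ret, (bool))),
            "transfer failed"
        );
    }
}
```

Whether the unchecked form matters in practice depends on the token: one that reverts on failure behaves the same in both paths, while one that returns false does not.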

Zellic © 2025