Message: ExecuteMsg::Donate

This message could be used by anyone to provide utokens to the contract without receiving any ustake in return.

The parameter that a user can control is info.funds — the list of tokens sent along with the message.

The message executes the bond function with the donate parameter set to true. The function first validates the funds sent to it, then finds the validator with the smallest amount of delegation and delegates the tokens to it. Because info.sender does not receive any ustake in return, the function neither calculates a mint amount nor increases the total supply of ustake.

The function also stores the current snapshot of the balance, which is passed to the CallbackMsg::CheckReceivedCoin message, and the newly received coins are added to the unlocked_coins during the callback.
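The following is an added example, not code from Silo Staking or from the assessment: a simplified, std-only model of the bond flow described above, showing that a donation increases delegated utokens while the ustake supply stays fixed. The type names, the single-coin "utoken" validation rule, and the pro-rata mint formula for the non-donate path are assumptions; the CheckReceivedCoin callback and unlocked_coins bookkeeping are not modeled.

```rust
// Simplified model of the flow described above; not the Silo Staking source.
#[derive(Debug, PartialEq)]
pub enum BondError { NoFunds, UnexpectedFunds, ZeroAmount, NoValidators }
pub struct Coin { pub denom: String, pub amount: u128 }
pub struct Hub {
    pub delegations: Vec<(String, u128)>, // (validator, delegated utoken)
    pub ustake_supply: u128,
}
impl Hub {
    pub fn total_delegated(&self) -> u128 {
        self.delegations.iter().map(|v| v.1).sum()
    }
    /// Returns the ustake minted to the sender (always 0 for a donation).
    pub fn bond(&mut self, funds: &[Coin], donate: bool) -> Result<u128, BondError> {
        // Assumed validation rule: exactly one coin, denom "utoken", non-zero amount.
        let coin = match funds {
            [] => return Err(BondError::NoFunds),
            [c] if c.denom == "utoken" => c,
            _ => return Err(BondError::UnexpectedFunds),
        };
        if coin.amount == 0 { return Err(BondError::ZeroAmount); }
        // Donations skip the mint calculation; the pro-rata rule below is an
        // assumption and is computed against the pre-deposit totals.
        let minted = if donate {
            0
        } else if self.ustake_supply == 0 || self.total_delegated() == 0 {
            coin.amount
        } else {
            coin.amount * self.ustake_supply / self.total_delegated()
        };
        // Delegate to the validator with the smallest current delegation.
        let target = self.delegations.iter_mut().min_by_key(|v| v.1)
            .ok_or(BondError::NoValidators)?;
        target.1 += coin.amount;
        self.ustake_supply += minted;
        Ok(minted)
    }
}
fn main() {
    // Constructed sample state: two validators, 500 ustake outstanding.
    let mut hub = Hub {
        delegations: vec![("val_a".into(), 700), ("val_b".into(), 300)],
        ustake_supply: 500,
    };
    let minted = hub.bond(&[Coin { denom: "utoken".into(), amount: 200 }], true).unwrap();
    println!("minted={} supply={} delegated={}", minted, hub.ustake_supply, hub.total_delegated());
}
```

In this model each ustake backs more utoken after a donation, so a later bond of the same size mints fewer ustake than it would have before.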
