Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Staking>Threat Model>claim
GeneralOverview
Findings
High (1)
Medium (1)
Informational (2)
DiscussionDeployment failure could waste gasTesting coverage assessment
Threat ModelWhat are threat models?BonusDistributor.solRewardDistributor.solRewardTracker.solStakingAdmin.solStakingRouter.solVester.sol
VesterNoReserve.solclaimclaimabledepositwithdraw
Audit ResultsSummary

Function: claim()

Claims the vested tokens of msg.sender.

Branches and code coverage (including function calls)

Intended branches

  • Tokens are claimed.

Function call analysis

  • `claim() -> _updateVesting(...) -> _burn(account, amount)

    • What is controllable? Nothing.

    • What happens if it reverts, reenters, or does other unusual control flow? N/A.

    • If return value is controllable, how is it used and how can it go wrong: Discarded.

  • claim() -> _updateVesting(...) -> IRestrictedToken(esToken).burn(_account, amount)

    • What is controllable? Nothing.

    • What happens if it reverts, reenters, or does other unusual control flow? User does not have enough tokens.

    • If return value is controllable, how is it used and how can it go wrong: Discarded.

  • claim() -> _claim(...) -> claimableToken.safeTransfer(_receiver, amount)

    • What is controllable? _receiver.

    • What happens if it reverts, reenters, or does other unusual control flow? Nothing.

    • If return value is controllable, how is it used and how can it go wrong: Discarded.

Zellic © 2024Back to top ↑