Assessment reportsPublic findings
Back to Zellic site
Assessment reports>STFX>Threat Models>createVestingFromNow
GeneralOverview
Findings
High (1)
Medium (4)
DiscussionCentralizationEighteen-decimal compliance
Threat ModelsWhat are threat models?spot.solswap.soltrade.solvesting.sol
vestingFactory.solcreateVestingFromNowcreateVestingStartingFrom
Audit ResultsSummary

Function: createVestingFromNow(address _recipient, uint40 _duration, uint256 _amount, bool _isCancellable)

Create a new vesting to a recipient starting from the current block.timestamp with a set duration and amount of tokens. Can only be called by the treasury.

Inputs

  • _recipient

    • Control: Only the treasury can supply this input.

    • Constraints: Any recipient address.

    • Impact: The treasury can create vesting for any recipient.

  • _duration

    • Control: Only the treasury can supply this input.

    • Constraints: No constraints.

    • Impact: The treasury can create vesting with any duration. Should have an upper and lower bound.

  • _amount

    • Control: Only the treasury can supply this input.

    • Constraints: Must be greater than 1 and less than the balance of the factory.

    • Impact: Only a valid amount can be vested.

  • _isCancellable

    • Control: Only the treasury can supply this input.

    • Constraints: No constraints.

    • Impact: The treasury can create a vesting that is cancellable or not.

Branches and code coverage (including function calls)

Intended branches

Negative behavior

Function call analysis

  • createVestingFromNow -> IVesting(vestingAddress).initialise(_recipient, uint40(block.timestamp), _duration, _amount, _isCancellable)

  • What is controllable? The treasury can supply the recipient address, duration, amount, and isCancellable.

    • If return value controllable, how is it used and how can it go wrong? No return value.

    • What happens if it reverts, reenters, or does other unusual control flow? Can only revert if the vestingAddress is not unique, which should not happen as it is a clone of the vesting contract. Reentrancy is not a concern, and no unusual control flow.

  • createVestingFromNow -> token.transfer(vestingAddress, _amount)

    • What is controllable? The amount of tokens to be transferred is controllable by the treasury.

    • If return value controllable, how is it used and how can it go wrong? No return value, but ERC20 transfer can fail without reverting, so it should be checked.

    • What happens if it reverts, reenters, or does other unusual control flow? Control flow is dependent on the ERC20 transfer function, thus the protocol should do their due diligence to ensure that the transfer function of the specific ERC20 is safe.

Zellic © 2024Back to top ↑