Assessment reportsPublic findings
Back to Zellic site
Assessment reports>STFX>Threat Models>createVestingStartingFrom
GeneralOverview
Findings
High (1)
Medium (4)
DiscussionCentralizationEighteen-decimal compliance
Threat ModelsWhat are threat models?spot.solswap.soltrade.solvesting.sol
vestingFactory.solcreateVestingFromNowcreateVestingStartingFrom
Audit ResultsSummary

Function: createVestingStartingFrom(address _recipient, uint40 _start, uint40 _duration, uint256 _amount, bool _isCancellable)

Create a new vesting to a recipient starting from a custom _start time, with a set duration and amount of tokens. Can only be called by the treasury.

Inputs

  • _recipient

    • Control: Only the treasury can supply this input.

    • Constraints: Any recipient address.

    • Impact: The treasury can create vesting for any recipient.

  • _start

    • Control: Only the treasury can supply this input.

    • Constraints: Cannot be earlier than current block timestamp.

    • Impact: Custom starting time for the vesting.

  • _duration

    • Control: Only the treasury can supply this input.

    • Constraints: None.

    • Impact: The treasury can create vesting with any duration. Should have an upper and lower bound.

  • _amount

    • Control: Only the treasury can supply this input.

    • Constraints: Must be greater than 1 and less than the balance of the factory.

    • Impact: Only a valid amount can be vested.

  • _isCancellable

    • Control: Only the treasury can supply this input.

    • Constraints: No constraints.

    • Impact: The treasury can create a vesting that is cancellable or not.

Branches and code coverage (including function calls)

Intended branches

  • Treasury is able to create a new vesting to a recipient starting from _start, with a specified duration and amount of tokens.

Negative behaviur

  • Recipient address is zero.

  • Start time in the past.

  • Amount is zero.

  • Amount is more than the balance of the factory.

  • Vesting already exists for the recipient.

Function call analysis

  • createVestingStartingFrom -> IVesting(vestingAddress).initialise(_recipient, _start, _duration, _amount, _isCancellable)

  • What is controllable? The treasury can supply all the parameters.

  • If return value controllable, how is it used and how can it go wrong? No return value.

  • What happens if it reverts, reenters, or does other unusual control flow? Can only revert if the vestingAddress is not unique, which should not happen as it is a clone of the vesting contract. Reentrancy is not a concern, and no unusual control flow.

  • createVestingStartingFrom -> token.transfer(vestingAddress, _amount)

  • What is controllable? The amount of tokens to be transferred is controllable by the treasury.

  • If return value controllable, how is it used and how can it go wrong? No return value, but ERC20 transfer can fail without reverting, so it should be checked.

  • What happens if it reverts, reenters, or does other unusual control flow? Control flow is dependent on the ERC20 transfer function; thus, the protocol should do their due diligence to ensure that the transfer function of the specific ERC20 is safe.

Zellic © 2024Back to top ↑