Assessment reportsPublic findings
Back to Zellic siteBack
Assessment reports>WOOFi Swap>Threat Model>_bridgeByStargate
GeneralOverview
Findings
High (2)
Medium (3)
Low (2)
Informational (2)
DiscussionFunction `skimMulTokens` does not workThrowing Panic is not recommendedThe WooPPV2 contract doesn't need to be an admin
Threat ModelWhat are threat models?
WooCrossChainRouterV4.sol_bridgeByStargate_handleERC20Received_handleNativeReceivedclaimFeecrossSwapinCaseTokenGotStuckpausesgReceiveunpause
WooPPV2.solWooRouterV2.sol
Audit ResultsSummary

Function: _bridgeByStargate(uint256 refId, address payable to, uint256 msgValue, uint256 bridgeAmount, SrcInfos srcInfos, DstInfos dstInfos, Dst1inch dst1inch)

Allows bridging via StarGate.

Inputs

  • refId

    • Control: Fully controlled by the calling function.

    • Constraints: None.

    • Impact: The reference ID of the transaction.

  • to

    • Control: Fully controlled by the calling function.

    • Constraints: None.

    • Impact: The address to send the bridged tokens to.

  • msgValue

    • Control: Fully controlled by the calling function.

    • Constraints: None. Theoretically only used for the native swap case.

    • Impact: Cumulated msg.value from the calling function.

  • bridgeAmount

    • Control: Fully controlled by the calling function.

    • Constraints: None. Assumed that these tokens have been transferred atomically (i.e., same transaction) to this contract.

    • Impact: The amount of the bridged token.

  • srcInfos

    • Control: Fully controlled by the calling function.

    • Constraints: Minimal. Most are performed in the calling function.

    • Impact: The source information.

  • dstInfos

    • Control: Fully controlled by the calling function.

    • Constraints: Minimal. Most are performed in the calling function.

    • Impact: The destination information.

  • dst1inch

    • Control: Fully controlled by the calling function.

    • Constraints: None. Assumed to be valid.

    • Impact: The 1inch router to use for the swap (if any).

Branches and code coverage

Intended branches

  • If bridgeToken is WETH, withdraw the bridgeAmount from the WETH contract so that it can be used as the msg.value.

  • If bridgeToken is not WETH, approve the bridgeAmount of the bridgeToken to the StarGate router. Assumes these tokens have been transferred atomically (i.e., same transaction) to this contract.

  • Forward the cross-chain swap to StarGate and forward the payload.

Negative behavior

  • Caller is a service admin.

  • Negative behavior should be what the function requires.

Zellic © 2025Back to top ↑