Zellic - Audit Reports

Handles the receipt of native via StarGate.

refId
- Control: Fully controlled by calling function.
- Constraints: None.
- Impact: The reference ID of the transaction.
to
- Control: Fully controlled by calling function.
- Constraints: None.
- Impact: The address to send the bridged tokens to.
toToken
- Control: Fully controlled by calling function.
- Constraints: Checked whether it is the ETH_PLACEHOLDER_ADDR.
- Impact: The token to send to the to address.
bridgedAmount
- Control: Fully controlled by calling function.
- Constraints: None. Assumed to be correctly forwarded by StarGate.
- Impact: The amount of the bridged token.
minToAmount
- Control: Fully controlled by calling function.
- Constraints: None. Assumed that checks are performed in the wooRouter.
- Impact: The minimum amount of the toToken to receive.
dst1inch
- Control: Fully controlled by calling function.
- Constraints: None. Checked that it is not address(0).
- Impact: The 1inch router to use for the swap.

Intended branches

Check that realToAmount is greater than minToAmount. Currently not checked.
Test coverage
If the toToken is ETH_PLACEHOLDER_ADDR, directly transfer the bridged amount as the native token, then return to exit early.
Test coverage
If the toToken is not ETH_PLACEHOLDER_ADDR, wrap it as WETH, then swap it to the toToken if required.
Test coverage
If the toToken is not ETH_PLACEHOLDER_ADDR, and either of the swaps did not succeed, transfer the bridged amount as WETH to the to address.
Test coverage
Ensure that adequate approvals are performed before calling the swap functions.
Test coverage
Ensure that approvals are removed after the swap is performed.
Test coverage

Negative behavior

The source address of the cross-chain transaction should be a WooCrossChainRouter on the source chain; this is currently not enforced at any level.
Negative test
Caller should be the StarGate router. This is enforced at calling function level.
Negative test