Assessment reportsPublic findings
Back to Zellic siteBack
Assessment reports>Y2K Finance>Threat Model>withdraw
GeneralOverview
Findings
Critical (1)
High (3)
Medium (4)
Low (5)
Informational (1)
DiscussionVariable naming suggestionDocumentation contains additional parameterThe function `_swapUniswapV2` can be rewrittenLayerZero configurationUse Non-blocking pattern instead of blocking pattern in lzReceiveUse reentrancy guards in deposit and withdraw functions
Threat ModelWhat are threat models?
ERC4626.soldepositwithdraw
HookAave.solHookAaveFixYield.solQueueContract.solStrategyVault.solSwapRouter.solbridgeController.solcurve.solswapController.soluniswapV2.soluniswapV3.solvaultController.solzapDest.solzapFrom.sol
Audit ResultsSummary

Function: withdraw(uint256 shares, address receiver, address owner)

Withdraws assets by burning shares and transferring assets to the receiver

Inputs

  • shares

    • Control: Fully controlled.

    • Constraints: No constraints.

    • Impact: The amount of shares to burn for withdrawal.

  • receiver

    • Control: Fully controlled.

    • Constraints: No constraints.

    • Impact: The address to receive the withdrawn assets.

  • owner

    • Control: Fully controlled.

    • Constraints: Owner should either be the caller of the function or should have enough allowance

    • Impact: The owner of the shares.

Branches and code coverage (including function calls)

Intended branches

  • The function calculates the assets to be withdrawn based on shares.

  • If the sender is not the owner, it updates the allowance for the sender to spend the owner's shares.

  • The function calls beforeWithdraw to perform any necessary prewithdraw actions.

  • The function burns the specified shares from the owner's balance.

  • The function emits a Withdraw event.

  • The function transfers assets to the receiver.

Negative behavior

  • The function reverts if the sender tries to withdraw more shares than allowed by their allowance.

Function call analysis

  • beforeWithdraw(assets, shares)

    • What is controllable? assets and shares.

    • If return value controllable, how is it used and how can it go wrong? N/A.

    • What happens if it reverts, reenters, or does other unusual control flow? If the beforeWithdraw reverts, the entire function would revert.

  • _burn(owner, shares)

    • What is controllable? owner and shares.

    • If return value controllable, how is it used and how can it go wrong? N/A.

    • What happens if it reverts, reenters, or does other unusual control flow? If the burning of shares fails, it will revert and the transaction will be rolled back.

  • asset.safeTransfer(receiver, assets)

    • What is controllable? receiver and assets.

    • If return value controllable, how is it used and how can it go wrong? N/A.

    • What happens if it reverts, reenters, or does other unusual control flow? If the asset transfer fails, it will revert and the transaction will be rolled back.

Zellic © 2025Back to top ↑