Assessment reportsPublic findings
Back to Zellic siteBack
Assessment reports>Y2K Finance>Threat Model>transferToQueue
GeneralOverview
Findings
Critical (1)
High (3)
Medium (4)
Low (5)
Informational (1)
DiscussionVariable naming suggestionDocumentation contains additional parameterThe function `_swapUniswapV2` can be rewrittenLayerZero configurationUse Non-blocking pattern instead of blocking pattern in lzReceiveUse reentrancy guards in deposit and withdraw functions
Threat ModelWhat are threat models?ERC4626.solHookAave.solHookAaveFixYield.sol
QueueContract.soltransferToQueuetransferToStrategy
StrategyVault.solSwapRouter.solbridgeController.solcurve.solswapController.soluniswapV2.soluniswapV3.solvaultController.solzapDest.solzapFrom.sol
Audit ResultsSummary

Function: transferToQueue(address caller, uint256 amount)

This transfers asset from the caller to the QueueContract.

Inputs

  • caller

    • Control: Fully controlled.

    • Constraints: No constraints.

    • Impact: The caller of the function.

  • amount

    • Control: Fully controlled.

    • Constraints: No constraints.

    • Impact: The amount to transfer.

Branches and code coverage (including function calls)

Intended branches

  • The function checks if the msg.sender has a valid asset and transfers the specified amount.

  • The function emits a QueueDeposit event.

Negative behavior

  • The function reverts if the asset is address(0) or if the transferFrom operation fails.

Function call analysis

  • asset.transferFrom(caller, address(this), amount)

    • What is controllable? caller and amount.

    • If return value controllable, how is it used and how can it go wrong? N/A.

    • What happens if it reverts, reenters, or does other unusual control flow? If this reverts, the entire call fails --- no reentrancy issues.

Zellic © 2025Back to top ↑