Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Y2K Finance>Threat Model>closePosition
GeneralOverview
Findings
Critical (1)
High (3)
Medium (5)
Low (4)
Informational (1)
DiscussionVariable naming suggestionDocumentation contains additional parameterThe function `_swapUniswapV2` can be rewrittenLayerZero configurationUse Non-blocking pattern instead of blocking pattern in lzReceiveUse reentrancy guards in deposit and withdraw functions
Threat ModelWhat are threat models?ERC4626.solHookAave.solHookAaveFixYield.solQueueContract.sol
StrategyVault.solclaimEmissionsclearQueuedDepositsclosePositiondeployPositiondepositrequestWithdrawalsetWeightStrategyunrequestWithdrawalupdateActiveListwithdrawwithdrawFromQueue
SwapRouter.solbridgeController.solcurve.solswapController.soluniswapV2.soluniswapV3.solvaultController.solzapDest.solzapFrom.sol
Audit ResultsSummary

Function: closePosition()

The fundsDeployed should be true. After the call is set to false, deploymentId is increased. This allows the owner of the contract to trigger close position and withdraw funds from Y2K vaults.

Branches and code coverage (including function calls)

Negative behavior

  • fundsDeployed is false.

  • Second call after successful closing of position.

Function call analysis

  • hook.addr.beforeClose();

    • What is controllable? N/A.

    • If return value controllable, how is it used and how can it go wrong? N/A.

    • What happens if it reverts, reenters, or does other unusual control flow? This function is called if hook.command.shouldCallBeforeClose() == true. The hook.addr is controlled by the owner of the contract.

  • _closePosition(position)

    • What is controllable? Nothing controllable directly by caller; the position data was filled during the deployPosition call.

    • If return value controllable, how is it used and how can it go wrong? The function returns nothing.

    • What happens if it reverts, reenters, or does other unusual control flow? Withdraws funds from vaults --- can revert due to problems with withdrawal in external contract.

  • _transferAssets(hook.addr.afterCloseTransferAssets())

    • What is controllable? Nothing controllable directly by the caller. The afterCloseTransferAssets function returns the list of tokens.

    • If return value controllable, how is it used and how can it go wrong? The function returns nothing.

    • What happens if it reverts, reenters, or does other unusual control flow? This function is called if hook.command.shouldTransferAfterClose() == true. The function transfers asset tokens from the returned list to the receiver (hook.addr). The current balance of contract passed as value argument to the safeTransfer(IERC20 token, address to, uint256 value) function, so there will not be a situation that there are not enough tokens to transfer.

  • hook.addr.afterClose()

    • What is controllable? N/A.

    • If return value controllable, how is it used and how can it go wrong? The function returns nothing.

    • What happens if it reverts, reenters, or does other unusual control flow? This function is called if hook.command.shouldCallAfterClose() == true. The hook.addr is controlled by the owner of the contract.

  • previewRedeem(totalQueuedShares[deploymentId])

    • What is controllable? N/A.

    • If return value controllable, how is it used and how can it go wrong? Return the amount of asset token for the corresponding amount of shares, which are added to the queue for withdrawal for current depolyId. If totalQueuedShares[deploymentId] is calculated incorrecly, the resulting asset value also will be wrong.

    • What happens if it reverts, reenters, or does other unusual control flow? There is no problem.

  • _pullQueuedDeposits(queueLength)

    • What is controllable? N/A.

    • If return value controllable, how is it used and how can it go wrong? N/A.

    • What happens if it reverts, reenters, or does other unusual control flow? There is no problem.

Zellic © 2024Back to top ↑