Assessment reports>Y2K Finance>Threat Model>withdraw

Function: withdraw(byte[1] funcSelector, byte[1] bridgeId, address receiver, uint256 id, uint16 _srcChainId, address vaultAddress, byte[] _withdrawPayload)

A direct call to the `_withdraw` function is available only to a `receiver` for which the value `receiverToVaultToIdToAmount[receiver][vaultAddress][id]` is not zero.
