Assessment reportsPublic findings
Back to Zellic siteBack
Assessment reports>Yeet>Threat Model>zapIn
GeneralOverview
Findings
Critical (3)
High (1)
Medium (1)
Low (2)
Informational (1)
DiscussionInconsistencies in modifiers can lead to missing checksCircuitBreaker complexity introduces unnecessary attack surfaces
Threat ModelWhat are threat models?MoneyBrinter.solStakeV2.sol
Zapper.solzapInzapInNativezapInToken0zapInToken1zapInWithMultipleTokenszapInWithoutSwapzapOutzapOutNativezapOutToToken0zapOutToToken1
Audit ResultsAssessment Results

Function: zapIn(address inputToken, SingleTokenSwap swapToToken0, SingleTokenSwap swapToToken1, KodiakVaultStakingParams stakingParams, VaultDepositParams vaultParams)

This zaps into the vault using a whitelisted token that swaps for token0 and token1.

Inputs

  • inputToken

    • Control: Fully controlled by the caller.

    • Constraints: N/A.

    • Impact: Whitelisted token that swaps for token0 and token1.

  • swapToToken0

    • Control: Fully controlled by the caller.

    • Constraints: N/A.

    • Impact: Information of swapping inputToken to token0.

  • swapToToken1

    • Control: Fully controlled by the caller.

    • Constraints: N/A.

    • Impact: Information of swapping inputToken to token1.

  • stakingParams

    • Control: Fully controlled by the caller.

    • Constraints: stakingParams.kodiakVault must be whitelist.

    • Impact: Information of staking in the vault.

  • vaultParams

    • Control: Fully controlled by the caller.

    • Constraints: N/A.

    • Impact: Information of depositing into the vault.

Branches and code coverage

Intended branches

  • Check if stakingParams.kodiakVault is added in the whitelist.

  • Receive amount that requires to swap inputToken.

Negative behavior

  • stakingParams.kodiakVault is not in the whitelist.

Zellic © 2025Back to top ↑