Slither Analysis
Overview
Slither is a static analysis framework for Solidity developed by Trail of Bits. It detects vulnerabilities and code quality issues and suggests gas optimizations.
Scope
| Contract | Network | Description |
|---|---|---|
| KingsVaultV2AsyncRedeem.sol | Ethereum | Main vault (ERC-4626 / ERC-7540) |
| KPortfolio.sol | Ethereum | Portfolio fund router |
| AaveEarnPool.sol | Ethereum | Aave V3 adapter |
| ERC4626EarnPool.sol | Ethereum | Morpho Steakhouse adapter |
| HyperStrategy.sol | HyperEVM | Cross-chain strategy executor |
Key Detectors
The following Slither detectors are most relevant to King's Vault's architecture:
| Detector | Relevance |
|---|---|
| reentrancy-eth | Critical — deposit/withdraw/settle all transfer tokens |
| reentrancy-no-eth | Cross-function reentrancy via state changes |
| controlled-delegatecall | Proxy upgrade safety |
| unchecked-transfer | SafeERC20 usage verification |
| arbitrary-send-erc20 | Validate all transferFrom sources |
| divide-before-multiply | Precision errors in PPS / fee calculations |
| missing-zero-check | Constructor / initializer parameter validation |
| unprotected-upgrade | UUPS / proxy initialization |
Expected Findings
Informational / Low
- Pragma solidity version: Use a locked version (`0.8.x`) rather than a floating pragma.
- Missing events: Ensure all state-changing admin functions emit events.
- Centralization risks: Multi-sig recommended for Owner/Manager roles (inherent design choice, not a bug).
Areas of Focus
- Rounding in share calculations: `deposit()`, `redeem()`, `previewClaimableRedeem()` — verify rounding favors the vault.
- Access control completeness: All admin functions must have role checks. Verify `requestRedeem` access.
- State consistency: PPS update in `settle()` must be atomic — no partial state where PPS is updated but fee shares are not minted.
- CCIP receiver validation: `_ccipReceive` must verify `sourceChainSelector` and `sender`.
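As an added illustration of the rounding item above (example code, not from the King's Vault repository): a Python integer model of ERC-4626 share math with a `favor_vault` switch that flips the rounding direction, so the value leak a rounding review (and the `divide-before-multiply` detector) is meant to surface shows up in a plain deposit/redeem round trip. The vault balances and function names are constructed for this example.

```python
"""Integer model of ERC-4626 share rounding (added example, not project code).
Balances below are constructed; real vaults use 18-decimal amounts."""


def mul_div_down(a: int, b: int, d: int) -> int:
    """floor(a*b/d): multiply first, then divide, rounding toward zero."""
    return (a * b) // d


def mul_div_up(a: int, b: int, d: int) -> int:
    """ceil(a*b/d): same product, rounded up (the direction that favors the vault
    when computing what a user owes, e.g. shares burned in withdraw())."""
    return -((-a * b) // d)


def divide_before_multiply(assets: int, total_assets: int, total_shares: int) -> int:
    """The pattern Slither's divide-before-multiply detector flags: dividing
    first truncates the ratio to zero for any deposit smaller than total_assets."""
    return (assets // total_assets) * total_shares


class VaultModel:
    """Minimal share accounting with a +1 virtual asset/share offset."""

    def __init__(self, total_assets: int, total_shares: int, favor_vault: bool = True):
        self.total_assets = total_assets
        self.total_shares = total_shares
        self.favor_vault = favor_vault  # False models user-favoring rounding (the bug)

    def _to_shares(self, assets: int, round_up: bool) -> int:
        f = mul_div_up if round_up else mul_div_down
        return f(assets, self.total_shares + 1, self.total_assets + 1)

    def _to_assets(self, shares: int, round_up: bool) -> int:
        f = mul_div_up if round_up else mul_div_down
        return f(shares, self.total_assets + 1, self.total_shares + 1)

    def deposit(self, assets: int) -> int:
        # Correct: shares minted are rounded DOWN. Buggy: rounded UP.
        shares = self._to_shares(assets, round_up=not self.favor_vault)
        self.total_assets += assets
        self.total_shares += shares
        return shares

    def redeem(self, shares: int) -> int:
        # Correct: assets paid out are rounded DOWN. Buggy: rounded UP.
        assets = self._to_assets(shares, round_up=not self.favor_vault)
        self.total_shares -= shares
        self.total_assets -= assets
        return assets


def round_trip(total_assets: int, total_shares: int, amount: int, favor_vault: bool) -> int:
    """Deposit `amount`, immediately redeem the shares; return assets received.
    Vault-favoring rounding never returns more than `amount`."""
    vault = VaultModel(total_assets, total_shares, favor_vault)
    return vault.redeem(vault.deposit(amount))
```

With the constructed state (1000 assets, 300 shares) a 10-asset round trip returns 9 under vault-favoring rounding and 14 under user-favoring rounding, i.e. the second variant lets a depositor extract value from other holders.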
Running
```bash
slither src/ --config-file slither.config.json
```
Results should be committed to this page after each audit cycle.