Assessment reportsPublic findings
Back to Zellic siteBack
Assessment reports>d3-doma>Threat Model>Function: ownerDetokenize()
GeneralOverview
Findings
Critical (3)
Medium (1)
Low (6)
Informational (2)
Threat ModelWhat are threat models?DomaForwarder.sol
DomaRecordProxyFacet.solFunction: bridge()Function: claimOwnership()Function: completeDetokenization()Function: initiateTokenization()Function: ownerDetokenize()Function: tokenTransfer()
DomaRecordRegistrarClaimFacet.solDomaRecordRegistrarFacet.solERC7786GatewayReceiver.solERC7786GatewaySource.solMarketplace.solOwnershipToken.solProxyDomaRecord.sol
Audit ResultsAssessment Results

Function: ownerDetokenize()

This function is called by a token owner to detokenize their domain.

Inputs

  • tokenId

    • Control: Semicontrolled.

    • Constraints: The user claiming ownership must have this token existing in their wallet.

    • Impact: The token ID of the ownership token being detokenized.

  • chainId

    • Control: Not controlled.

    • Constraints: This is hardcoded by the ProxyDomaRecord contract.

    • Impact: This is the chain ID of the remote chain.

  • ownerAddress

    • Control: Not controlled.

    • Constraints: N/A.

    • Impact: This is the msg.sender who is initiating detokenization on the remote chain.

  • correlationId

    • Control: Not controlled.

    • Constraints: This is hardcoded by the ProxyDomaRecord contract.

    • Impact: This is a hash of the current block number, the chain ID, and a nonce on the remote chain.

Branches and code coverage (including function calls)

Intended branches

Negative behavior

Zellic © 2025Back to top ↑