Zellic - Audit Reports

Function: `renew(string calldata tokenId, bool isSynthetic, uint256 expiresAt, string calldata correlationId)`

This function renews ownership tokens by updating their expiration dates. It can only be called by authorized cross-chain senders from Doma chain in response to domain renewals. It updates token expiration without ownership verification.

Inputs

tokenId
- Control: Full.
- Constraints: Converted to uint256 via Strings.parseUint().
- Impact: Identifies the specific token to renew.
isSynthetic
- Control: Not controlled.
- Constraints: Must be false (synthetic tokens not implemented).
- Impact: Distinguishes between regular and permissioned tokens.
expiresAt
- Control: Full.
- Constraints: Validated in ownershipToken().renew() via inherited validation logic.
- Impact: New expiration timestamp for the token.
correlationId
- Control: Full.
- Constraints: N/A.
- Impact: Used for cross-chain operation tracking and correlation.

Branches and code coverage (including function calls)

Intended branches

Authorized cross-chain sender successfully renews token with valid expiration date.

Token renewal via ownershipToken().renew() succeeds.

Negative behavior

Unauthorized caller without CROSS_CHAIN_SENDER_ROLE reverts due to onlyCrossChainSender modifier.

Synthetic token usage (isSynthetic == true) causes NotImplemented revert.

Invalid tokenId string format causes revert in Strings.parseUint().

Invalid expiration date causes revert in ownershipToken().renew() (e.g., past date, too far in future).

Nonexistent token causes NameTokenDoesNotExist revert in ownershipToken().renew().

Function: renew(string calldata tokenId, bool isSynthetic, uint256 expiresAt, string calldata correlationId)

Inputs

Branches and code coverage (including function calls)

Function: `renew(string calldata tokenId, bool isSynthetic, uint256 expiresAt, string calldata correlationId)`