Assessment reportsPublic findings
Back to Zellic siteBack
Assessment reports>d3-doma>Threat Model>Function: requestDetokenization(uint256 tokenId, bool isSynthetic)
GeneralOverview
Findings
Critical (3)
Medium (1)
Low (6)
Informational (2)
Threat ModelWhat are threat models?DomaForwarder.solDomaRecordProxyFacet.solDomaRecordRegistrarClaimFacet.solDomaRecordRegistrarFacet.solERC7786GatewayReceiver.solERC7786GatewaySource.solMarketplace.solOwnershipToken.sol
ProxyDomaRecord.solFunction: bridge(uint256 tokenId, bool isSynthetic, string calldata targetChainId, string calldata targetOwnerAddress)Function: changeLockStatus(string calldata tokenId, bool isSynthetic, bool isTransferLocked, string calldata correlationId)Function: claimOwnership(uint256 tokenId, bool isSynthetic, ProofOfContactsVoucher calldata proofOfContactsVoucher, bytes calldata signature)Function: detokenize(string calldata tokenId, bool isSynthetic, string calldata claimedBy, string calldata correlationId)Function: detokenizeUnchecked(string calldata tokenId, bool isSynthetic, string calldata correlationId)Function: mintOwnershipTokens(uint256 registrarIanaId, OwnershipTokenInfo[] calldata tokens, string calldata ownerAddress, string calldata correlationId)Function: renew(string calldata tokenId, bool isSynthetic, uint256 expiresAt, string calldata correlationId)Function: requestDetokenization(uint256 tokenId, bool isSynthetic)Function: requestTokenization(TokenizationVoucher calldata voucher, bytes calldata signature)Function: tokenTransfer(uint256 tokenId, address from, address to)
Audit ResultsAssessment Results

Function: requestDetokenization(uint256 tokenId, bool isSynthetic)

This function initiates a detokenization request by verifying token ownership and sending a cross-chain message to Doma chain for validation and processing. Only token owners can request detokenization of their tokens.

Inputs

  • tokenId

    • Control: Full.

    • Validation: Token ownership verified via _verifyTokenOwnership().

    • Impact: Identifies the specific token to request detokenization for.

  • isSynthetic

    • Control: Not controlled.

    • Validation: Must be false (synthetic tokens not implemented).

    • Impact: Distinguishes between regular and permissioned tokens.

Branches and code coverage (including function calls)

Intended branches

Negative behavior

Zellic © 2025Back to top ↑