Assessment reportsPublic findings
Back to Zellic siteBack
Assessment reports>Falcon Finance>Threat Model>callerFundedMint
GeneralOverview
Findings
Medium (1)
Low (1)
Informational (4)
DiscussionThe initialization of StakedUSDf may failThe vestingPeriod and cooldownDuration can be set to zero simultaneously
Threat ModelWhat are threat models?
ClassicMinterV1.solcallerFundedMint
FalconBundler.solFalconPosition.solPreCollateralizedMinter.solStakedUSDf.solUSDfSilo.sol
Audit ResultsAssessment Results

Function: callerFundedMint(MintParams params, uint256 depositAmount, bytes signature)

This function mints an amount of USDf tokens for the recipient, calculated based on the token price.

Inputs

  • params

    • Control: Fully controlled by the caller.

    • Constraints: N/A.

    • Impact: Struct of MintParams that has information for minting.

  • depositAmount

    • Control: Fully controlled by the caller.

    • Constraints: N/A.

    • Impact: Amount of tokens to deposit.

  • signature

    • Control: Fully controlled by the caller.

    • Constraints: The address recovered using the generated hash and corresponding signature must possess the MINTER_ROLE.

    • Impact: Bytes of signature.

Branches and code coverage

Intended branches

  • Check if the caller is equal to params.caller.

  • Check if depositAmount is not zero.

  • Check if depositAmount is smaller than params.maxAmount.

  • Check if params.recipient is not the zero address.

  • Check if params.expiry is bigger than block.timestamp to confirm the transaction is not expired.

  • Check that the nonce has not been used before.

  • Check if the recovered address using the signature has BACKEND_SIGNER_ROLE.

  • Transfer collateral to treasury.

  • Calculate mint amount with precise scaling and mint an amount of USDf.

Negative behavior

  • If the caller is not equal to params.caller, the transaction will be reverted.

  • If depositAmount is zero, the transaction will be reverted.

  • If depositAmount is bigger than or equal to params.maxAmount, the transaction will be reverted.

  • If params.recipient is the zero address, the transaction will be reverted.

  • If params.expiry is smaller than or equal to block.timestamp, the transaction will be reverted.

  • If the nonce has been used before, the transaction will be reverted.

  • If the recovered address using the signature does not have BACKEND_SIGNER_ROLE, the transaction will be reverted.

Zellic © 2025Back to top ↑