Assessment reportsPublic findings
Back to Zellic siteBack
Assessment reports>Ostium>Threat Model>mint
GeneralOverview
Findings
Critical (2)
High (3)
Medium (6)
Low (6)
Informational (2)
DiscussionRemoval of trading pairs is not supportedIncorrect last updated block number for TP and SLTradeUtils used as a library for address
Threat ModelWhat are threat models?Delegatable.solOstiumOpenPnl.solOstiumTrading.sol
OstiumVault.sol_executeDiscountAndLockcancelWithdrawRequestdepositdepositWithDiscountAndLockdistributeRewardmakeWithdrawRequestmintmintWithDiscountAndLockreceiveAssetsredeemtransfertransferFromtryNewOpenPnlRequestOrEpochtryResetDailyAccPnlDeltatryUpdateCurrentMaxSupplyunlockDepositwithdraw
Audit ResultsSummary

Function: mint(uint256 shares, address receiver)

Deposits assets into the vault in order to mint a specific amount of shares.

Inputs

  • shares

    • Control: Arbitrary.

    • Constraints: Must be less than max mint. Asset transfer to pay for shares must succeed.

    • Impact: Amount of shares to mint.

  • receiver

    • Control: Arbitrary.

    • Constraints: None.

    • Impact: Receiver of the shares.

Branches and code coverage

Intended branches

  • Deposit succeeds.

Negative behavior

  • Deposit fails due to whitelist.

  • Deposit fails due to being over max deposit.

  • Deposit fails due to asset-transfer failure.

Function call analysis

  • this._deposit(this._msgSender(), receiver, assets, shares) -> SafeERC20Upgradeable.safeTransferFrom(this._asset, caller, address(this), assets)

    • What is controllable? Quantity of assets through previewMint calculation.

    • If the return value is controllable, how is it used and how can it go wrong? N/A.

    • What happens if it reverts, reenters or does other unusual control flow? Tail call, so reentrancy due to an ERC-20 hook is safe.

Zellic © 2025Back to top ↑