Zellic - Audit Reports

Assessment reports Public findings

Back to Zellic site

Assessment reports>Prosper Omnichain Fungible Token>Threat Model>Function: requestBurn(uint256 amount)

GeneralOverview

Findings

DiscussionCentralization risk Missing upgrade test suite Possible gas optimization

Threat ModelWhat are threat models?

Token.sol Function: batchExecuteBurn(address[] calldata accounts)batchMint Function: executeBurn(address account)Function: requestBurn(uint256 amount)send swapToken Function: withdrawSwappables(address receiver)

Audit ResultsAssessment Results

Function: `requestBurn(uint256 amount)`

The function can be called by a user who wants to burn tokens or reduce the amount of tokens to be burned from a previous request. The difference of amount is sent either to the contract or to the user.

Inputs

amount
- Control: The amount is checked to be nonzero.
- Impact: Prevents a user from completely canceling a previous burn request or sending a nonexisting request with zero amount.

Branches and code coverage (including function calls)

Intended branches

Tokens are correctly transferred to the contract when a request is created.
Test coverage
Tokens are successfully transferred to the contract when the requested amount is increased.
Test coverage
Tokens are successfully transferred to the user when the requested amount is decreased.
Test coverage

Negative behavior

The function reverts when the amount exceeds user balance.
Negative test
The function reverts when the amount is zero.
Negative test

Function call analysis

requestBurn -> _transfer(address(this), _msgSender(), currentBurnAmount - amount)
- External/Internal? Internal.
- Argument control? amount.
- Impact: Transfers tokens' difference to the contract.
_transfer(_msgSender(), address(this), amount - currentBurnAmount)
- External/Internal? Internal.
- Argument control? amount.
- Impact: Transfers tokens' difference to the user.

Zellic © 2025Back to top ↑