Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Wasabi>Threat Models>newMint
GeneralOverview
Findings
High (4)
Medium (3)
DiscussionAbstractWasabiPool should use upgradable variants of OpenZeppelin contractsPut options operate on entire collectionsPools require well-behaved NFTs
Threat ModelsWhat are threat models?AbstractWasabiPool.sol
WasabiOptionnewMint
WasabiPoolFactory.sol
Audit ResultsSummary

Function: newMint(address to)

Mints a new WasabiOption

Inputs

  • to

    • Control: Factory has full control over this input.

    • Constraints: No constraints.

    • Impact: A factory can mint tokens to any address.

Branches and code coverage (including function calls)

Intended branches

Negative behavior

Function call analysis

  • newMint -> _safeMint(to, _currentId)

    • What is controllable? to parameter is controllable.

    • If return value controllable, how is it used and how can it go wrong? No return value.

    • What happens if it reverts, reenters, or does other unusual control flow? Reentrancy is not an issue because only the factory can call back in. Minting does not happen under revert condition. An interesting control flow aspect is that the receiver of the NFT can call into other functions if it contains logic in its onERC721Received function.

Zellic © 2024Back to top ↑