What are threat models?

As part of our audit process, Zellic creates threat models for certain functions within the code base we believe are essential to the application's security. In a threat model, we document information that is generally helpful for understanding a function's security. These may include intended behavior, code coverage, function call relationships, and so on.