defirisk.co
rubric v1.7.0

Admin has mint() with unlimited max

Superstate's assessment for RD-F-042 — scored red on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary

CRITICAL: mint(address dst, uint256 amount) and bulkMint(address[], uint256[]) are callable by the owner EOA with no on-chain supply cap. renounceOwnership() is explicitly blocked (it reverts), preventing role removal. The owner can mint an arbitrary number of tokens to any allowlisted address in a single transaction with no timelock. Business-level constraints (NAV attestation, fund AUM limits) are off-chain and not enforceable on-chain. The current live implementation, SuperstateTokenV5_1 (0x1f50a1EE), preserves this pattern, as confirmed via Etherscan.

Sources

  • GitHub: SuperstateToken.sol - Unlimited Mint Functions
    SuperstateToken.sol: function mint(address dst, uint256 amount) external onlyOwner - no supply cap; function bulkMint(address[] dsts, uint256[] amounts) external onlyOwner - no cap; renounceOwnership() reverts.
    Retrieved 2026-05-16.
  • Etherscan: SuperstateTokenV5_1 Current Implementation
    SuperstateTokenV5_1 (0x1f50a1EE0ec8275d0c83b7bb08896b4b47d6E8C4) is the current live USTB implementation with the same mint pattern.
    Retrieved 2026-05-16.

Methodology

Determine whether an admin-callable `mint` on a protocol token has no supply cap or an unlimited maximum supply.
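To make the pattern this factor checks for concrete, the following is an added, hypothetical illustration (not Superstate's code or any audited source): a minimal owner-minted token with no supply cap and a blocked renounceOwnership(), followed by a variant where an immutable on-chain cap bounds every mint. Contract names, the maxSupply field and the constructor are assumptions for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical, simplified version of the flagged pattern: the owner role can
// mint without any on-chain maximum and can never be renounced.
contract UncappedMintToken {
    address public owner;
    uint256 public totalSupply;
    mapping(address => uint256) public balanceOf;

    modifier onlyOwner() { require(msg.sender == owner, "not owner"); _; }

    constructor() { owner = msg.sender; }

    function mint(address dst, uint256 amount) external onlyOwner {
        totalSupply += amount;          // no comparison against any maximum
        balanceOf[dst] += amount;
    }

    function bulkMint(address[] calldata dsts, uint256[] calldata amounts) external onlyOwner {
        require(dsts.length == amounts.length, "length mismatch");
        for (uint256 i = 0; i < dsts.length; i++) {
            totalSupply += amounts[i];  // still uncapped, many recipients in one tx
            balanceOf[dsts[i]] += amounts[i];
        }
    }

    // Ownership cannot be removed, so the uncapped mint is permanent.
    function renounceOwnership() external pure { revert("renounce disabled"); }
}

// Hardened variant (also hypothetical): the cap is fixed at deployment and
// enforced inside mint(), so off-chain limits are backed by an on-chain one.
contract CappedMintToken {
    address public owner;
    uint256 public immutable maxSupply;
    uint256 public totalSupply;
    mapping(address => uint256) public balanceOf;

    modifier onlyOwner() { require(msg.sender == owner, "not owner"); _; }

    constructor(uint256 cap) { owner = msg.sender; maxSupply = cap; }

    function mint(address dst, uint256 amount) external onlyOwner {
        require(totalSupply + amount <= maxSupply, "cap exceeded"); // enforced on-chain
        totalSupply += amount;
        balanceOf[dst] += amount;
    }
}
```

A reviewer applying this factor looks for the missing maxSupply-style check in the first contract's mint paths, not just for the onlyOwner modifier.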


  • rubric_version: v1.7.0
  • protocol: superstate
  • factor: RD-F-042
  • score: red
  • collected_at: 2026-05-16 00:06:37