★ Admin has mint() with unlimited max
Jupiter Perpetual Exchange's assessment for RD-F-042 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary #
JLP is an SPL Mint (27G8MtK7VtTcCHkpASjSDdkWWYfoqT6ggEuKidVJidD4). Program upgrade authority (Squads v4 4-of-7 with 24h timelock) controls JLP mint authority indirectly via the upgrade mechanism. SPL Token program allows mint authority to mint arbitrary additional JLP tokens. No hard cap on JLP supply enforced at SPL mint account level; pool accounting enforces indirect limits but upgrade authority can modify that logic. Mint authority changes via upgrade require 4-of-7 approval + 24h delay. Direct mint instruction access via IDL admin is not verifiable from closed source. Scored yellow: meaningful multisig + timelock protection on upgrade vector; direct admin mint paths unverifiable. Gating by 4-of-7 + 24h materially improves over prior assessment (single/unknown admin).
Sources #
- URLJupiter Perps LP (JLP) token on SolscanJLP Token Mint 27G8MtK7VtTcCHkpASjSDdkWWYfoqT6ggEuKidVJidD4 on Solscan — SPL Mint with mint authority controlled by perps program upgrade pathretrieved 2026-05-16
- Squads v4 multisig config AxkJ8oH5 on SolscanOn-chain: Squads v4 multisig AxkJ8oH5 controls upgrade authority 5myNNm...; time_lock=86400s; any mint authority change via upgrade requires 4/7 + 24hretrieved 2026-05-16
Methodology #
Determine whether an admin-callable `mint` on a protocol token has no supply cap or an unlimited maximum supply.
See the full factor methodology and distribution across all protocols →