Function: finalizeERC20Withdrawal(address _l1Token, address _l2Token, address _from, address _to, uint256 _amount, byte[] _data)

Finalizes withdrawal of an ERC-20 token from L2 to L1.

Inputs

• _l1Token

  • Control: User.

  • Constraints: Discarded.

  • Impact: Determines which token to be withdrawn.

• _l2Token

  • Control: User.

  • Constraints: Discarded.

  • Impact: Address of the L1 respective L2 ERC-20.

• _from

  • Control: User.

  • Constraints: Discarded.

  • Impact: The address from which the tokens are transferred.

• _to

  • Control: User.

  • Constraints: Discarded.

  • Impact: The destination address for the transferred tokens.

• _amount

  • Control: User.

  • Constraints: Discarded.

  • Impact: Amount of the ERC-20 to withdraw.

• _data

  • Control: User.

  • Constraints: Discarded.

  • Impact: Optional data.

Branches and code coverage (including function calls)

Intended branches

• Successfully withdraws if all conditions are met.

  Test coverage

Negative behavior

• Reverts if called from a non-crossDomainMessenger L1 account.

  Negative test

• Reverts if called from the right crossDomainMessenger but wrong xDomainMessageSender.

  Negative test

Function call analysis

• finalizeERC20Withdrawal -> IERC20(_l1Token).safeTransfer(_to, _amount)

  • What is controllable? _l1Token_, _to, and _amount.

  • If return value controllable, how is it used and how can it go wrong? Discarded.

  • What happens if it reverts, reenters, or does other unusual control flow? Discarded.