Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Polygon Staking>Threat Model>withdraw
GeneralOverview
Findings
High (1)
Medium (1)
Low (4)
Informational (7)
DiscussionThe logic in _updateStrategyRewards may not need to update all the strategiesThe LSTRewardsSplitter's splitting is not path-independent, which may have cross-protocol implicationsCalling checkUpkeep on chain is against the automation documentation and may revert or waste gas
Threat ModelWhat are threat models?LSTRewardsSplitter.solLSTRewardsSplitterController.solPolygonFundFlowController.solPolygonStrategy.sol
PolygonVault.soldepositrestakeRewardsunbondwithdrawwithdrawRewards
Audit ResultsAssessment Results

Function: withdraw()

This function withdraws tokens from the validator pool and sends tokens to the vault controller.

Branches and code coverage

Intended branches

  • Call the unstakeClaimTokensPOL function on the validator pool.

  • Send tokens to the vault controller.

Zellic © 2025Back to top ↑