Function: withdraw(address receiver, uint256 amount)
Withdraw a specified amount of tokens to a receiver address.
Inputs
receiver
Control: Controlled by the user.
Constraints: Cannot be the zero address.
Impact: The address that will receive the amount of tokens withdrawn.
amount
Control: Controlled by the user.
Constraints: Must be a positive integer.
Impact: The number of tokens to be transferred from the contract to the
receiver
.
Branches and code coverage (including function calls)
Intended branches
Successful withdrawal with rewards claimed.
Successful withdrawal without rewards claimed.
Negative behavior
Insufficient balance.
Transfer to zero address.
Function call analysis
withdraw -> crvRewards.withdrawAndUnwrap(amount, claimRewards)
What is controllable?
amount
.If return value controllable, how is it used and how can it go wrong? There is no return value used in this case.
What happens if it reverts, reenters, or does other unusual control flow? If the function reverts, the whole transaction will revert and no tokens will be withdrawn. This call is not vulnerable to reentrancy as it does not directly depend on the state of the contract.
withdraw -> lpToken.transfer(receiver, amount)
What is controllable?
receiver
andamount
.If return value controllable, how is it used and how can it go wrong? There is no return value used in this case.
What happens if it reverts, reenters, or does other unusual control flow? If this call reverts, the whole transaction will revert.
withdraw -> _updateIntegrals(msg.sender, balance, supply)
What is controllable?
balance
.If return value controllable, how is it used and how can it go wrong? There is no return value used in this case.
What happens if it reverts, reenters, or does other unusual control flow? If this call reverts, the whole transaction will revert.