Description

In StakeManager, the withdrawal functionality is absent, preventing users from withdrawing their deposits.

Impact

Users' deposits may become locked within the contract.

Recommendations

Ensure that the ownership of the upgrading contract and the stages of the staking process are prominently documented so that users are aware of and accept the associated risks.

Remediation

According to Hydrogen Labs's response, they intentionally have no withdrawal function in this codebase, a similar approach to Lido's staking contracts pre-merge, as there is a similar dynamic with Botanix's staking development rollout — staking rollout will necessitate a V2 migration with withdrawals enabled.