Function: redeemNonKyc(uint256 shares, address receiver, address owner)

This function lets non-KYC shareholders redeem at a constant 1:1 USDC rate regardless of vault phase, guaranteeing principal preservation for users who never pass KYC.

Inputs

• shares

  • Control: N/A.

  • Constraints: Must be nonzero and owned or approved by owner.

  • Impact: Burns the shares, decrements sharesNonKyc, and transfers equal USDC.

• receiver

  • Control: N/A.

  • Constraints: N/A.

  • Impact: Receives USDC equal to the redeemed shares.

• owner

  • Control: N/A.

  • Constraints: Must be flagged as non-KYC via onlyNonKyc.

  • Impact: Share balance decreases by shares.

Branches and code coverage

Intended branches

• Callable in every mode because non-KYC funds must always be liquid.

  Test coverage

• Spends allowance when msg.sender != owner.

  Test coverage

• Updates accounting before transferring USDC.

  Test coverage

Function call analysis

• SafeERC20.safeTransfer(HourglassStableVaultKYC.USDC, receiver, shares)

  • What is controllable? The caller controls the number of shares to redeem (shares) and the receiver (receiver).

  • If the return value is controllable, how is it used and how can it go wrong? N/A.

  • What happens if it reverts, reenters or does other unusual control flow? N/A.