Function: withdrawForStaker(address _erc20TokenAddress, address _staker, uint256 _amount)

Allows withdrawing tokens for a staker.

Inputs

• _erc20TokenAddress

  • Control: Fully controlled by the stake manager.

  • Constraints: None.

  • Impact: The token to withdraw.

• _staker

  • Control: Fully controlled by the stake manager.

  • Constraints: None.

  • Impact: The address to withdraw to.

• _amount

  • Control: Fully controlled by the stake manager.

  • Constraints: Checked that it is not zero.

  • Impact: The amount to withdraw.

Branches and code coverage (including function calls)

Intended branches

• Transfer the _amount of _erc20TokenAddress to _staker.

  Test coverage

• Decrease the balance of _erc20TokenAddress in address(this) by _amount.

  Test coverage

• Increase the balance of _erc20TokenAddress in _staker by _amount.

  Test coverage

Negative behavior

• Should not be callable by anyone other than the stake manager. Ensured through onlyStakeManager.

  Negative test

• Should not be abused since it literally transfers any token to any address. Theoretically this should be ensured in the StakeManager contract.

  Negative test

Function call analysis

• IERC20(_erc20TokenAddress).safeTransfer(_staker, _amount)

  • What is controllable? _erc20TokenAddress, _staker, and _amount.

  • If return value controllable, how is it used and how can it go wrong? N/A.

  • What happens if it reverts, reenters, or does other unusual control flow? Then the transfer will fail; it means there is not enough balance.