★ Rescue/emergencyWithdraw without timelock

Hyperlane's assessment for RD-F-041 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No rescue() / emergencyWithdraw() / sweep() function found in Mailbox.sol or HypERC20Collateral.sol source. However, the ProxyAdmin v1 direct upgrade path (3-of-6 Safe, no enforced Timelock) means any admin action including implementation replacement can be executed without delay. Scored yellow: absence of explicit rescue function is positive, but no effective delay on the ProxyAdmin upgrade path.

Sources #

GitHub
HypERC20Collateral.sol sourceHypERC20Collateral.sol: no rescue/emergencyWithdraw visibleretrieved 2026-05-17
GitHub
Hyperlane Mailbox.sol sourceMailbox.sol: no rescue/emergencyWithdraw/sweep function visible in sourceretrieved 2026-05-17

Methodology #

Determine whether a `rescue(…)` or `emergencyWithdraw(…)` function exists callable by admin without a timelock delay on execution.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol hyperlane factor RD-F-041 score yellow collected_at 2026-05-16 23:03:56