★ Rescue/emergencyWithdraw without timelock

mETH Protocol's assessment for RD-F-041 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.

Evidence summary #

No explicit emergencyWithdraw or rescue drain function in Staking.sol, METH.sol, or LiquidityBuffer. reclaimAllocatedETHSurplus() (STAKING_MANAGER_ROLE) retrieves surplus ETH from UnstakeRequestsManager — limited scope, not a full drain. Pauser contract enables immediate protocol halt (non-draining). forceMint() is a supply expansion risk (scored separately under F042). No single function can drain all staked ETH without timelock in one transaction. Overall: yellow for partial admin power without timelock (Pauser is immediate).

Sources #

GitHub
mETH Protocol METH.sol sourceMETH.sol source: forceMint() is mint-expansion risk; no rescue/sweep/drain function presentretrieved 2026-05-16
GitHub
mETH Protocol Staking.sol source — no drain functionStaking.sol source: reclaimAllocatedETHSurplus() requires STAKING_MANAGER_ROLE; no emergencyWithdraw or rescue function found; receive() and fallback() revert with DoesNotReceiveETH()retrieved 2026-05-16

Methodology #

Determine whether a `rescue(…)` or `emergencyWithdraw(…)` function exists callable by admin without a timelock delay on execution.

See the full factor methodology and distribution across all protocols →

rubric_version v1.7.0 protocol meth-protocol factor RD-F-041 score yellow collected_at 2026-05-16 02:17:50