★ Rescue/emergencyWithdraw without timelock
SUNSwap (sun.io)'s assessment for RD-F-041 — scored yellow on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary
In V4, `ProtocolFeeController` exposes `collectProtocolFee(address,address,uint256)`, which the owner can call immediately with no timelock, allowing accumulated protocol fees to be drained. `CLPoolManagerOwner` has `pausePoolManager()`, also with no timelock. The V1/V2/V3 factories are immutable: the factory source contains no `rescue`/`emergencyWithdraw` function, and LP funds are not directly accessible by the factory owner (immutable pool pattern). The risk is a drain of accumulated protocol fees, not of LP principal. Scored yellow (not red) because LP principal funds are not at immediate admin-drain risk.
Sources
- GitHub: SUNSwap V4 — fee collection and pause without timelock. sunswap-v4-core `ProtocolFeeController.sol`: `collectProtocolFee()` no timelock — immediate fee drain; `CLPoolManagerOwner.sol`: `pausePoolManager()` no timelock. Retrieved 2026-05-17.
Methodology
Determine whether a `rescue(…)` or `emergencyWithdraw(…)` function exists that an admin can call without a timelock delay on execution.