★ Rescue/emergencyWithdraw without timelock
Wormhole's assessment for RD-F-041 — scored gray on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary
Rescue / emergencyWithdraw without timelock | `submitTransferFees()` in Governance.sol can transfer accumulated message fees to an arbitrary recipient immediately upon a valid 13/19 guardian VAA. It effectively functions as a fee-drain path with no additional timelock beyond the guardian signing requirement. No `rescue` or `emergencyWithdraw` function was found on the Token Bridge (Bridge.sol analysis). Fee accumulations are not equivalent to total bridge TVL. | Governance.sol WebFetch (confirming submitT...
Sources
- Curator note: extracted from 02-governance-admin.md — RD-F-041; no URL cited; retrieved 2026-04-28
Methodology
Determine whether a `rescue(…)` or `emergencyWithdraw(…)` function exists callable by admin without a timelock delay on execution.