The return value of TokenUtils.withdrawTokens which represents the actual amount of tokens that were transferred is never used throughout the repository. This might cause discrepancy in the case where the original value of _amount was type(uint256).max.
The return value can be used to validate the withdrawal or used in the event emitted
- ConsenSys Audit DeFi Saver Finding 5.10
- Error Checking
- Unchecked Return Value Transferred Tokens
- Check Return Value