From 8cdf17987a89713ed19ec9f7b7aa1bc8fd86f1bc Mon Sep 17 00:00:00 2001
From: zanderbyte-certora <zanderbyte@certora.com>
Date: Wed, 30 Jul 2025 13:08:08 +0300
Subject: [PATCH] remove holder restriction

---
 .../033_withdrawByRecipient_auth_bypass.patch       | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 certora/mutations/033_withdrawByRecipient_auth_bypass.patch

diff --git a/certora/mutations/033_withdrawByRecipient_auth_bypass.patch b/certora/mutations/033_withdrawByRecipient_auth_bypass.patch
new file mode 100644
index 0000000..0fcfd7f
--- /dev/null
+++ b/certora/mutations/033_withdrawByRecipient_auth_bypass.patch
@@ -0,0 +1,13 @@
+diff --git a/contracts/Vault.sol b/contracts/Vault.sol
+index 8433a08..e7e012d 100644
+--- a/contracts/Vault.sol
++++ b/contracts/Vault.sol
+@@ -236,7 +236,7 @@ contract Vault is VaultBase, Pausable, Ownable {
+     AccountId accountId
+   ) public {
+     (address holder, ) = Accounts.decodeId(accountId);
+-    require(msg.sender == holder, VaultOnlyAccountHolder());
++    // require(msg.sender == holder, VaultOnlyAccountHolder());
+     _withdraw(controller, fund, accountId);
+   }
+