FLOW-15: User Pending Balance View Is Native-Only #30

@liobrasil

Severity: Informational

Files Affected

  • solidity/src/FlowYieldVaultsRequests.sol
  • cadence/contracts/FlowYieldVaultsEVM.cdc

Description

The EVM request contract (solidity/src/FlowYieldVaultsRequests.sol) tracks refundable escrow per (user, tokenAddress) in pendingUserBalances. The Cadence-side helper getPendingRequestsForEVMAddress() in cadence/contracts/FlowYieldVaultsEVM.cdc calls getPendingRequestsByUserUnpacked() to surface per-user pending information and pending balance.

However, getPendingRequestsByUserUnpacked() returns only pendingUserBalances[user][NATIVE_FLOW] as pendingBalance, ignoring any ERC20 pending balances. This creates a misleading operational/user-facing view where a user may have significant refundable ERC20 escrow but the returned "pending balance" appears as zero (or only reflects native escrow).

Recommendation

Return pending balances per token (or include both native and ERC20 balances in the unpacked response), and ensure Cadence-side views reflect the full refundable state rather than only the native sentinel.


Parent Issue: #15
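
A minimal Solidity sketch of the recommendation, added here as an example and not taken from the project's contracts: it puts a native-only view next to a per-token view over the same `pendingUserBalances` mapping. The contract name, `trackedTokens`, `setPending`, `pendingBalanceNativeOnly`, `pendingBalancesByToken` and the `NATIVE_FLOW` value are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Illustration only; not the project's FlowYieldVaultsRequests.sol.
contract PendingBalanceViewSketch {
    // Placeholder sentinel for native FLOW (the project's real constant is not shown in the issue).
    address public constant NATIVE_FLOW = address(0xdead);

    // Refundable escrow per (user, tokenAddress), as described in the finding.
    mapping(address => mapping(address => uint256)) public pendingUserBalances;

    // Hypothetical registry of escrow tokens; index 0 is always the native sentinel.
    address[] private trackedTokens;

    constructor(address[] memory erc20Tokens) {
        trackedTokens.push(NATIVE_FLOW);
        for (uint256 i = 0; i < erc20Tokens.length; i++) {
            trackedTokens.push(erc20Tokens[i]);
        }
    }

    // Demo-only setter standing in for the real deposit/refund accounting.
    function setPending(address user, address token, uint256 amount) external {
        pendingUserBalances[user][token] = amount;
    }

    // The behaviour the finding describes: ERC20 escrow is invisible here.
    function pendingBalanceNativeOnly(address user) external view returns (uint256) {
        return pendingUserBalances[user][NATIVE_FLOW];
    }

    // Per-token view: parallel arrays covering native and every tracked ERC20,
    // so a caller sees the full refundable state in one call.
    function pendingBalancesByToken(address user)
        external
        view
        returns (address[] memory tokens, uint256[] memory balances)
    {
        uint256 n = trackedTokens.length;
        tokens = new address[](n);
        balances = new uint256[](n);
        for (uint256 i = 0; i < n; i++) {
            tokens[i] = trackedTokens[i];
            balances[i] = pendingUserBalances[user][tokens[i]];
        }
    }
}
```

For a user whose only escrow is in an ERC20 token, `pendingBalanceNativeOnly` returns 0 while `pendingBalancesByToken` reports the non-zero entry next to that token's address.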

Labels: Informational (Informational security finding), QuantStamp (QuantStamp audit finding)