diff --git a/foundry/src/TychoRouter.sol b/foundry/src/TychoRouter.sol
index f63a780..59c0c7a 100644
--- a/foundry/src/TychoRouter.sol
+++ b/foundry/src/TychoRouter.sol
@@ -3,10 +3,17 @@ pragma solidity ^0.8.28;
 
 import "@openzeppelin/contracts/access/AccessControl.sol";
 import "@permit2/src/interfaces/IAllowanceTransfer.sol";
+import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
+import "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
+
+error TychoRouter__WithdrawalFailed();
+error TychoRouter__InvalidReceiver();
 
 contract TychoRouter is AccessControl {
     IAllowanceTransfer public immutable permit2;
 
+    using SafeERC20 for IERC20;
+
     //keccak256("NAME_OF_ROLE") : save gas on deployment
     bytes32 public constant EXECUTOR_SETTER_ROLE =
         0x6a1dd52dcad5bd732e45b6af4e7344fa284e2d7d4b23b5b09cb55d36b0685c87;
@@ -17,6 +24,10 @@ contract TychoRouter is AccessControl {
     bytes32 public constant FUND_RESCUER_ROLE =
         0x912e45d663a6f4cc1d0491d8f046e06c616f40352565ea1cdb86a0e1aaefa41b;
 
+    event Withdrawal(
+        address indexed token, uint256 amount, address indexed receiver
+    );
+
     constructor(address _permit2) {
         permit2 = IAllowanceTransfer(_permit2);
         _grantRole(DEFAULT_ADMIN_ROLE, msg.sender);
@@ -60,9 +71,46 @@ contract TychoRouter is AccessControl {
         // TODO
     }
 
+    /**
+     * @dev Allows withdrawing any ERC20 funds if funds get stuck in case of a bug.
+     */
+    function withdraw(IERC20[] memory tokens, address receiver)
+        external
+        onlyRole(FUND_RESCUER_ROLE)
+    {
+        if (receiver == address(0)) revert TychoRouter__InvalidReceiver();
+
+        for (uint256 i = 0; i < tokens.length; i++) {
+            // slither-disable-next-line calls-loop
+            uint256 tokenBalance = tokens[i].balanceOf(address(this));
+            if (tokenBalance > 0) {
+                emit Withdrawal(address(tokens[i]), tokenBalance, receiver);
+                tokens[i].safeTransfer(receiver, tokenBalance);
+            }
+        }
+    }
+
+    /**
+     * @dev Allows withdrawing any NATIVE funds if funds get stuck in case of a bug.
+     * The contract should never hold any NATIVE tokens for security reasons.
+     */
+    function withdrawNative(address receiver)
+        external
+        onlyRole(FUND_RESCUER_ROLE)
+    {
+        if (receiver == address(0)) revert TychoRouter__InvalidReceiver();
+
+        uint256 amount = address(this).balance;
+        if (amount > 0) {
+            emit Withdrawal(address(0), amount, receiver);
+            // slither-disable-next-line arbitrary-send-eth
+            bool success = payable(receiver).send(amount);
+            if (!success) revert TychoRouter__WithdrawalFailed();
+        }
+    }
+
     /**
      * @dev Allows this contract to receive native token
      */
-    // TODO Uncomment once withdraw method is implemented - or else Slither fails
-    //    receive() external payable {}
+    receive() external payable {}
 }