Lucene search

HistoryJun 12, 2022 - 12:00 a.m.

Users cannot initialize() a proxy with a currencyId with a different maturity


Lines of code

Vulnerability details

The wfCashBase.initialize sets the allowance for NotionalV2 to the assetToken and underlyingToken to the maximum using SafeApprove. However, according to <;, SafeApprove function requires that the current approval is 0 before setting the new one.
Therefore, if a user want to initialize the contract with a currencyId that has already been used before, because the transaction will revert because the allowance =! 0 (line 68 & line 73).

Add assetToken.safeApprove(address(NotionalV2), 0) before line 68 and underlyingToken.safeApprove(address(NotionalV2), 0) before line 73

The text was updated successfully, but these errors were encountered:

šŸ‘Ž 2 0xlgtm and berndartmueller reacted with thumbs down emoji

All reactions

  • šŸ‘Ž 2 reactions