5 matches found
Missing support of non-standart ERC20
Lines of code Vulnerability details Vulnerability details Description In functions of PA1D and HolographOperator contracts there is logic relying on the fact that tokens implemented ERC20 standard especially, that transfer and transferFrom functions of the tokens returns bool result. But in...
Non-standard ERC20 Tokens are Not Supported
Lines of code Vulnerability details When trying to call SuperVault.executeOperation the transaction reverts. This is because the call to asset.approve in line97 doesn't match the expected function signature of approve on the target contract like in the case of USDT. This issue exists in any call ...
Token Transfers Are Not Handled Correctly
Lines of code Vulnerability details Impact The transfer function is used to send royalty assets to the splitter contract and its recipients. If the vault operates on non-standard ERC20 tokens, its possible for transfers to not revert upon failure. Similarly, transferFrom is used to pull funds fro...
Accounting for non-standard ERC20 fees
Handle Dravee Vulnerability details Impact Bad accounting in case of non-standard ERC20 tokens Proof of Concept Vault.sol 105: IERC20token.safeTransferFromfrom, addressthis, amount; 106: 107: balance += amount; Vault.sol 136: IERC20token.safeTransferFromfrom, addressthis, amount; 137: balance +=...
safeTransferFrom in TransferHelper is not safeTransferFrom
Handle jonah1005 Vulnerability details Impact A non standard erc20 token would always raise error when calling safeTransferFrom. If a user creates a USDT/DAI pool and deposit into the pool he would find out there's never a counterpart deposit. Proof of Concept TransferHelper does not uses SafeERC...