30 matches found
Some ERC20Votes tokens will not work if you set approve() to any value without setting to zero first
Lines of code Vulnerability details Impact Not setting allowance to Zero before changing the allowance can hinder the deployment of the ERC20ProxyDelegator contract for some ERC20 tokens Proof of Concept Some ERC20 tokens like USDT with Voting enabled will not work when changing the allowance fro...
USDT tokens should approve to zero first otherwise it may cause other tokens to get stuck in the case of aprooveMultipleTokens
Lines of code Vulnerability details Impact Unsafe ERC20 approve that do not handle non-standard erc20 behavior. Some token contracts do not return any value. Some token contracts revert the transaction when the allowance is not zero. Proof of Concept When receiving tokens to the destination chain...
USDT approval racing can lead to DoS
Lines of code Vulnerability details Impact USDT approval racing can lead to DoS Proof of Concept 2023-07-tapioca/tapioca-periph-audit/contracts/Magnetar/modules/MagnetarMarketModule.solL157 Tools Used Recommended Mitigation Steps Use safeApprove Assessed type call/delegatecall --- The text was...
Unspent allowance may break functionality in AMO
Lines of code Vulnerability details Unspent allowance may break functionality in AMO An unspent allowance may cause a denial of service during the calls to safeApprove in the AMO contract. Impact The AMO contract uses the safeApprove function to grant the Curve pool permission to spend funds whil...
Using safeTransferFrom() Functions But without Getting the Approval
Lines of code Vulnerability details Impact 2 safeTransferFrom calls are Used for ERC20 Token Line: 90, 172 using SafeTransferLib But without getting the Approval using safeApprove function. The Calls will always fail. 3 more safeTransferFrom calls are Used for ERC721 Tokens Line: 239, 259, 370...
Users cannot initialize() a proxy with a currencyId with a different maturity
Lines of code Vulnerability details The wfCashBase.initialize sets the allowance for NotionalV2 to the assetToken and underlyingToken to the maximum using SafeApprove. However, according to , SafeApprove function requires that the current approval is 0 before setting the new one. Therefore, if a...
Call to safeApprove without checking previous allowance in burnFees could result in locked funds
Lines of code Vulnerability details Impact Using this deprecated function can lead to unintended reverts and potentially the locking of funds. A deeper discussion on the deprecation of this function is in OZ issue 2219 OpenZeppelin/openzeppelin-contracts2219. Proof Of Concept Refer to the burnFee...
RewardHandler.burnFees() will work only once and revert after that if burnedAmount is different.
Lines of code Vulnerability details Impact RewardHandler.burnFees will work only once and revert after that if burnedAmount is different. Proof of Concept OpenZeppelin’s safeApprove will revert if the account already is approved and the new safeApprove is done with a non-zero value. Tools Used...
Lack of safeApprove(0) may prevent deposits and swapping of token
Lines of code Vulnerability details Impact OpenZeppelin’s safeApprove will revert if the account already is approved and the new safeApprove is done with a non-zero value. Users may be prevented from swapping tokens to Backd LPTokens a second time Proof of Concept There are multiple places...
Bad use of safeApprove
Lines of code Vulnerability details Impact Function deposit in booster could revert when stake option is true if the contract has an allowance of the token for rewarcontract 0. The same in many contracts but in VE3DRewardPool.sol a user can get his rewards blocked. Proof of Concept If the contrac...
in VeAssetDepositor and Booster contract don't set safeApprove() to 0 first and that token uses OpenZeppelin’s ERC20 implementation
Lines of code Vulnerability details Impact OpenZeppelin’s implementation of safeApprove won't work if approved amount is not set to 0. so the logics will fail if code don't set it 0 first. Both VeToken and VE3Token use OpenZeppelin’s ERC20 implementation and VeAssetDepositor and Booster calls...
Not calling _safeApprove(0) before setting a new approval causes the call to revert when used with Tether (USDT)
Lines of code Vulnerability details Impact Some tokens like the very popular USDT do not work when changing the allowance from an existing non-zero allowance value it will revert if the current approval is not zero to protect against front-running changes of approvals. These tokens must first be...
Deprecated safeApprove() function
Originally submitted by warden Dravee in 146, duplicate of 178 related to the use of safeApprove. This is upgraded from a QA report to standalone issue because it correctly described the revert when trying to call safeApprove on non-zero allowance. QA report that only describe safeApprove as...
The Contract Should approve(0) first
Originally submitted by warden defsec in 198, duplicate of 178 related to the use of safeApprove. This is upgraded from a QA report to standalone issue because it correctly described the revert when trying to call safeApprove on non-zero allowance. QA report that only describe safeApprove as...
Non-standard ERC20 Tokens are Not Supported
Lines of code Vulnerability details When trying to call SuperVault.executeOperation the transaction reverts. This is because the call to asset.approve in line97 doesn't match the expected function signature of approve on the target contract like in the case of USDT. This issue exists in any call ...
Lack of safeApprove(0) prevents some registrations, and the changing of stakers and LP tokens
Lines of code Vulnerability details OpenZeppelin's safeApprove will revert if the account already is approved and the new safeApprove is done with a non-zero value function safeApprove IERC20 token, address spender, uint256 value internal // safeApprove should only be called when setting an initi...
Customers cannot be topUp()ed a second time
Lines of code Vulnerability details OpenZeppelin's safeApprove will revert if the account already is approved and the new safeApprove is done with a non-zero value function safeApprove IERC20 token, address spender, uint256 value internal // safeApprove should only be called when setting an initi...
approve and safeApprove Should Approve the Zero Amount First
Lines of code Vulnerability details Impact The PooledCreditLine.sol and LenderPool.sol contracts approve the strategy contract on the collateral or borrow assets before depositing funds. This allows the strategy contracts to transfer on behalf of these contracts, pulling assets out from the pool...
[WP-M3] TurboRouter.sol#createSafeAndDeposit*() CreateSafeAndDeposit combo methods won't work as an allowance cannot be granted to a newly created Safe for deposit
Lines of code Vulnerability details The TurboRouter.soldeposit function can be used in a multicall together with approve and pullToken from PeripheryPayments to pull tokens from msg.sender and grant allowance for the ERC4626 Safe to call asset.safeTransferFrom with the msg.sender being the router...
Incorrect safeApprove usage
Handle Jujic Vulnerability details Impact safeApprove won't work when current allowance 0, there may be cases when strategies will not use all allowance, so switch to new strategy will be blocked. Proof of Concept Tools Used Recommended Mitigation Steps I recommend approving to zero and then...