9 matches found
AlgebraPool ERC20 Tokens with fee on transfer are not supported
Lines of code Vulnerability details AlgebraPool ERC20 Tokens with fee on transfer are not supported Vulnerability details There are ERC20 tokens that charge fee for every transfer / transferFrom. TransferHelper.safeTransfer relies on ERC20.transfer AlgebraPool.solswap assumes that the received...
FarmingPools.sol Some users may not be able to get back their funds for tokens with tax on transfer
Handle WatchPug Vulnerability details Per the doc: Token with tax and rewards should accounted correctly and share with all holder accordingly. In the current implementation of FarmingPools.solstake, it assumes that the received amount is the same as the transfer amount, and recording it to...
transferFrom return value unchecked
Handle hack3r-0m Vulnerability details createRJLaunchEvent is followed by initialization of launch event, the balance of launch event address is what is supplied by above mentioned safe transfer call According to EIP20, transferFrom returns boolean function transferFromaddress from, address to,...
ERC20Rewards.sol: Use TransferHelper for rewardsToken
Handle hickuphh3 Vulnerability details Impact As it is used in other contracts, rewardsToken shouldn't be an exception. --- The text was updated successfully, but these errors were encountered: All reactions...
TransferHelper does not work with all ERC20 tokens
Handle cmichel Vulnerability details The TransferHelper.safeTransferFrom function will revert if tokens do not return a boolean because the interface ERC20.transfer function it uses indicates that this function always returns a boolean. Some tokens like USDT don't correctly implement the EIP20...
safeTransferFrom in TransferHelper is not safeTransferFrom
Handle jonah1005 Vulnerability details Impact A non standard erc20 token would always raise error when calling safeTransferFrom. If a user creates a USDT/DAI pool and deposit into the pool he would find out there's never a counterpart deposit. Proof of Concept TransferHelper does not uses SafeERC...
Use SafeTransfer/TransferHelper for BadgerYieldSource
Handle adelamo Vulnerability details Impact The Badger token will not throw an exception if transfer/transferFrom is unsuccessful. So we could use TransferHelper/SafeTransfer in order to run the validation everything went fine. //...
Use SafeERC20/TransferHelper on RCTreasury
Handle adelamo Vulnerability details Impact Even though the uberOwner controls what ERC20 to use on RCTreasury, it is highly recommendable to use TransferHelper or SafeERC20 in order to interact safely with the ERC20. Tools Used Editor --- The text was updated successfully, but these errors were...
Unhandled return value of transferFrom in timeLockERC20() could lead to fund loss for recipients
Handle 0xRajeev Vulnerability details Impact ERC20 implementations are not always consistent. Some implementations of transfer and transferFrom could return ‘false’ on failure instead of reverting. It is safer to wrap such calls into require statements or use safe wrapper functions implementing...