Closed jubeira closed 4 weeks ago
Generated at commit: e28fed149f4b53b1c2b1da90276139b014fec115
🚨 Report Summary
Severity Level Results Contracts Critical High Medium Low Note Total 2 2 0 11 37 52 Dependencies Critical High Medium Low Note Total 0 0 0 0 0 0
For more details view the full report in OpenZeppelin Code Inspector
Description
Since we're using the router as intermediary for BPT exits, the vault burns BPT from the router, spending allowance in the process. But in this case, the router is also the owner when the call is made, so it should already be able to spend without explicit approval. A
transferFrom
whereowner == spender
is actually a regular transfer (andburn
is equivalent totransferFrom
in this aspect).Type of change
Checklist:
main
, or there's a description of how to mergeIssue Resolution
N/A