alcueca
commented
3 years ago FlashBorrower and any other contracts in the Mocks directory are not in scope.
Closed code423n4 closed 3 years ago
alcueca
commented
3 years ago FlashBorrower and any other contracts in the Mocks directory are not in scope.
Handle
cmichel
Vulnerability details
The
FlashBorroweruses non-save ERC20 functions like.transfer(From)andapprove.The
ERC20.transfer()andERC20.transferFrom()functions return a boolean value indicating success. This parameter needs to be checked for success. Furthermore, some tokens (like USDT) don't correctly implement the ERC20 standard and don't return a boolean.Impact
Tokens that don't actually perform the transfer and return
falseare still counted as a correct transfer. Tokens that don't correctly implement the spec, like USDT, will be unusable in the protocol as they revert the transaction because of the missing return value.Recommended Mitigation Steps
Use OpenZeppelin's SafeERC20 library or the custom implementation already present in
Utils/transferHelper.sol.