Open code423n4 opened 3 years ago
We considered this, but it's possible for a malicious user to "drain" the approval of the contract, so there would need to be checks to see if approval dropped below a certain level. We opted to leave out the complexity.
Actually, we'll tackle this. We will:
Handle
cmichel
Vulnerability details
SushiYieldSource
should approve the SushiBar once during initialization with the max value. This saves gas on everysupplyTokenTo
call as the approval can be removed from there.