Closed code423n4 closed 3 years ago
We considered this, but it's possible for a malicious user to "drain" the approval of the contract, so there would need to be checks to see if approval dropped below a certain level. We opted to leave out the complexity.
Actually, we'll tackle this. We will:
Handle
cmichel
Vulnerability details
YearnV2YieldSource._depositInVault
can save gas by cachingtoken
in memory instead of accessing it 3 times from storage.