There are ERC20 tokens that may make certain customizations to their ERC20 contracts.
One type of these tokens is deflationary tokens that charge a certain fee for every transfer() or transferFrom().
Others are rebasing tokens that increase in value over time like Aave's aTokens (balanceOf changes over time).
Impact
The MStableYieldSource/SwappableYieldSource.supplyTokenTo() function will fail when the underlying token is a fee-on transfer token.
Recommended Mitigation Steps
One possible mitigation is to measure the asset change right before and after the asset-transferring routines
PierrickGT
commented
3 years ago
Handle
cmichel
Vulnerability details
There are ERC20 tokens that may make certain customizations to their ERC20 contracts. One type of these tokens is deflationary tokens that charge a certain fee for every
transfer()ortransferFrom(). Others are rebasing tokens that increase in value over time like Aave's aTokens (balanceOfchanges over time).Impact
The
MStableYieldSource/SwappableYieldSource.supplyTokenTo()function will fail when the underlying token is a fee-on transfer token.Recommended Mitigation Steps
One possible mitigation is to measure the asset change right before and after the asset-transferring routines