In Basket.sol, approveUnderlying is used to approve tokens to be spent by the Auction.
The current implementation uses a simple approve function, instead of the safer safeApprove. Also it's recommended to have an approve to zero first, since the allowance could be already positive and some tokens (e.g. USDT) wouldn't work in this case.
GalloDaSballo
commented
2 years ago
Handle
0xsanson
Vulnerability details
Impact
In Basket.sol,
approveUnderlyingis used to approve tokens to be spent by the Auction. The current implementation uses a simpleapprovefunction, instead of the safersafeApprove. Also it's recommended to have an approve to zero first, since the allowance could be already positive and some tokens (e.g. USDT) wouldn't work in this case.Proof of Concept
https://github.com/code-423n4/2021-09-defiProtocol/blob/main/contracts/contracts/Basket.sol#L226
Tools Used
editor
Recommended Mitigation Steps
Consider writing