Closed code423n4 closed 2 years ago
Disagree as the functions are marked as deprecated for the new versions of the library, we are using 0.6.12, also we only use the safeApprove once, as designed
agree with sponsor. warden has linked the most up-to-date version of the contract.
Handle
pmerkleplant
Vulnerability details
Impact
Zap.sol
,SettToRenIbbtcZap.sol
andIbbtcVaultZap.sol
use OpenZeppelinsSafeERC20::safeApprove
function.This function is marked as deprecated, see OZ repo.
Recommended Mitigation Steps
Use OZ's
SafeERC20::safeIncreaseAllowance
instead ofsafeApprove
.