Handle
toastedsteaksandwich
Vulnerability details
Impact
The LockeERC20.approve() function is vulnerable to front-running, as described in the following scenario:
1) Alice approves Bob to transfer 5 tokens
2) Alice decides to reduce this allowance to 3 tokens
3) Bob notices the allowance reduction tx in the mempool and front-runs it to spend the initial allowance of 5 tokens
4) Bob is granted a new allowance of 3 tokens, and spends it for a total of 8 tokens spent.
Impacted code
https://github.com/code-423n4/2021-11-streaming/blob/main/Streaming/src/LockeERC20.sol#L86-L92
Recommended Mitigation Steps
The approve() function should be split into two functions, increaseAllowance() and decreaseAllowance(), which adjust the existing allowance by a relative amount (up or down) instead of overwriting it with a new absolute value.
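To make the recommendation concrete, the contract below is an added illustration written for this report, not LockeERC20's code. It models only the allowance bookkeeping (balances and transfers are left out; `spendFrom()` is a hypothetical stand-in for the allowance-consuming half of `transferFrom()`), and places the overwriting `approve()` next to the delta-based `increaseAllowance()` / `decreaseAllowance()` pair. Under the scenario above, Alice calls `decreaseAllowance(bob, 2)` instead of `approve(bob, 3)`: if Bob's spend of 5 lands first, the allowance is already 0, the `require` fails and no fresh allowance is granted, so Bob can never spend more than the 5 Alice originally approved.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

/// Illustrative allowance bookkeeping (added example, not LockeERC20's code).
/// Only the allowance mapping is modelled; token balances are omitted.
contract AllowanceExample {
    mapping(address => mapping(address => uint256)) public allowance;

    event Approval(address indexed owner, address indexed spender, uint256 amount);

    /// Standard approve(): unconditionally overwrites the allowance.
    /// If the spender's spend is mined before this call, the old allowance
    /// has already been consumed and the new one is granted on top of it.
    function approve(address spender, uint256 amount) external returns (bool) {
        allowance[msg.sender][spender] = amount;
        emit Approval(msg.sender, spender, amount);
        return true;
    }

    /// Raise the allowance by a delta. Whatever order this lands in relative
    /// to a spend, the spender can consume at most (old allowance + addedValue).
    function increaseAllowance(address spender, uint256 addedValue) external returns (bool) {
        // Solidity 0.8 checked arithmetic reverts on overflow.
        uint256 newAllowance = allowance[msg.sender][spender] + addedValue;
        allowance[msg.sender][spender] = newAllowance;
        emit Approval(msg.sender, spender, newAllowance);
        return true;
    }

    /// Lower the allowance by a delta. If the spender front-runs this call and
    /// drains the allowance first, `current` is below `subtractedValue` and the
    /// call reverts instead of silently granting a fresh allowance.
    function decreaseAllowance(address spender, uint256 subtractedValue) external returns (bool) {
        uint256 current = allowance[msg.sender][spender];
        require(current >= subtractedValue, "decreaseAllowance: below zero");
        uint256 newAllowance = current - subtractedValue;
        allowance[msg.sender][spender] = newAllowance;
        emit Approval(msg.sender, spender, newAllowance);
        return true;
    }

    /// Hypothetical spender-side helper: consumes allowance the way the
    /// allowance check inside transferFrom() would (balance movement omitted).
    function spendFrom(address owner, uint256 amount) external {
        uint256 current = allowance[owner][msg.sender];
        require(current >= amount, "insufficient allowance");
        allowance[owner][msg.sender] = current - amount;
    }
}
```

The design point is that a relative update carries the owner's intent ("2 fewer than whatever Bob currently has") into the transaction itself, so the contract can detect the race at execution time. An absolute `approve(bob, 3)` carries no such information: by the time it executes, the contract cannot tell whether Alice meant "3 instead of the 5 I granted" or "3 on top of what Bob already spent".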
Extra reading
The original issue is documented here https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729