Closed code423n4 closed 2 years ago
GiveMeTestEther
safeApprove is now deprecate.
https://github.com/OpenZeppelin/openzeppelin-contracts/blob/566a774222707e424896c0c390a84dc3c13bdcb2/contracts/token/ERC20/utils/SafeERC20.sol#L38
https://github.com/code-423n4/2021-12-defiprotocol/blob/205d3766044171e325df6a8bf2e79b37856eece1/contracts/contracts/Basket.sol#L274
As per OpenZepplin documentation “whenever possible, use safeIncreaseAllowance and safeDecreaseAllowance instead”.
duplicate of https://github.com/code-423n4/2021-12-defiprotocol-findings/issues/177
frank-beard
commented
2 years ago frank-beard
commented
2 years ago
Handle
GiveMeTestEther
Vulnerability details
Impact
safeApprove is now deprecate.
Proof of Concept
https://github.com/OpenZeppelin/openzeppelin-contracts/blob/566a774222707e424896c0c390a84dc3c13bdcb2/contracts/token/ERC20/utils/SafeERC20.sol#L38
https://github.com/code-423n4/2021-12-defiprotocol/blob/205d3766044171e325df6a8bf2e79b37856eece1/contracts/contracts/Basket.sol#L274
Tools Used
Recommended Mitigation Steps
As per OpenZepplin documentation “whenever possible, use safeIncreaseAllowance and safeDecreaseAllowance instead”.