search

code-423n4 / 2021-12-defiprotocol-findings

0 stars 0 forks source link

Use of deprecated `safeApprove()` function #177

Open code423n4 opened 2 years ago

code423n4 commented 2 years ago

Handle

broccolirob

Vulnerability details

From Openzeppelin docs: "Deprecated. This function has issues similar to the ones found in IERC20.approve, and its usage is discouraged."

Recommended Mitigation Steps

Instead, fetch allowance first, then call safeIncreaseAllowance with max - diff.

frank-beard commented 2 years ago

would consider this non-critical

0xleastwood commented 2 years ago

I agree, there is no security risk ...