search

code-423n4 / 2022-01-trader-joe-findings

2 stars 0 forks source link

Use safe transfers and approvals #289

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Handle

pauliax

Vulnerability details

Impact

Since not all ERC-20 tokens adhere to the standard, it is recommended to use SafeERC20 functions such that interactions with a broader range of tokens are possible. Especially, this is important since interactions with some tokens, e.g. USDT, require safeApprove.

  IERC20(_token).transferFrom(msg.sender, launchEvent, _tokenAmount);

Similarly with approve -> safeApprove:

  token.approve(address(router), tokenAllocated);

Recommended Mitigation Steps

Consider using https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/token/ERC20/utils/SafeERC20.sol

cryptofish7 commented 2 years ago

Duplicate of #154