If a user already has the ERC20 approved with the DEX, the current code can lead to an error.
Specifically, if they've approved the DEX for X tokens previously (where X > 0), and then they request a swap for Y tokens (where Y > X), the result will be decreasing their allowance to 0.
Recommended Mitigation: use SafeERC20.safeIncreaseAllowance(IERC20(assetId), spender, MAX_INT) on this line instead.
H3xept
commented
2 years ago
Inconsistency with approveERC20 function: