Open code423n4 opened 2 years ago
It’s better to use the trusted 3rd party library SafeERC20 to check the return value of transfer.
transfer
https://github.com/code-423n4/2022-04-backd/blob/main/backd/contracts/actions/topup/handlers/CompoundHandler.sol#L79-L80
vim, ethers.js
Use SafeERC20 rather than checking manually.
(Non-Critical) It’s better to use SafeERC20
Impact
It’s better to use the trusted 3rd party library SafeERC20 to check the return value of
transfer.Proof of Concept
https://github.com/code-423n4/2022-04-backd/blob/main/backd/contracts/actions/topup/handlers/CompoundHandler.sol#L79-L80
Tools Used
vim, ethers.js
Recommended Mitigation Steps
Use SafeERC20 rather than checking manually.