Lines of code
https://github.com/code-423n4/2022-04-dualityfocus/blob/f21ef7708c9335ee1996142e2581cb8714a525c9/contracts/compound_rari_fork/CToken.sol#L172
Vulnerability details
Impact
Front-running attack on approve().
Proof of Concept
The CToken contract does not have any protection against the well-known "Multiple Withdrawal Attack" on the approve/transferFrom methods of the ERC20 standard. Because approve() overwrites the allowance unconditionally, a spender watching the mempool can front-run a transaction that changes a previous approval, spend the old allowance first and then the new one, so the token owner can lose tokens.
Recommended Mitigation Steps
Add increaseAllowance and decreaseAllowance functions so that allowances can be adjusted relative to their current value instead of being overwritten.
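As an added illustration (not code from the audited CToken or from the Compound/Rari fork), the following standalone contract shows the overwriting approve() the finding refers to next to the relative increaseAllowance/decreaseAllowance variants it recommends. Contract and function names other than the ERC20 ones, the sample supply in the constructor, and the storage layout are assumptions chosen for the example; the pattern itself mirrors the OpenZeppelin ERC20 extensions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added example, not the audited CToken: a minimal allowance module that
// contrasts the racy absolute approve() with relative allowance changes.
contract AllowanceExample {
    mapping(address => uint256) public balanceOf;
    mapping(address => mapping(address => uint256)) public allowance;

    event Approval(address indexed owner, address indexed spender, uint256 amount);
    event Transfer(address indexed from, address indexed to, uint256 amount);

    constructor() {
        balanceOf[msg.sender] = 1_000 ether; // constructed sample supply
    }

    // Standard ERC20 approve: writes an absolute value. If the owner lowers an
    // allowance from 100 to 50 while the spender's transferFrom(100) is still
    // pending, block ordering decides whether both the old and the new value
    // get spent. The overwrite itself cannot detect that interleaving.
    function approve(address spender, uint256 amount) external returns (bool) {
        allowance[msg.sender][spender] = amount;
        emit Approval(msg.sender, spender, amount);
        return true;
    }

    function transferFrom(address from, address to, uint256 amount) external returns (bool) {
        uint256 allowed = allowance[from][msg.sender];
        require(allowed >= amount, "insufficient allowance");
        require(balanceOf[from] >= amount, "insufficient balance");
        // Consume the allowance before moving funds (checks-effects-interactions).
        allowance[from][msg.sender] = allowed - amount;
        balanceOf[from] -= amount;
        balanceOf[to] += amount;
        emit Transfer(from, to, amount);
        return true;
    }

    // Relative adjustment: applied on top of whatever the allowance is at
    // execution time, so a transferFrom mined in between cannot be combined
    // with a stale absolute value.
    function increaseAllowance(address spender, uint256 addedValue) external returns (bool) {
        uint256 newAllowance = allowance[msg.sender][spender] + addedValue;
        allowance[msg.sender][spender] = newAllowance;
        emit Approval(msg.sender, spender, newAllowance);
        return true;
    }

    // Reverts rather than silently clamping to zero when a spend has already
    // consumed more than the owner intends to remove, which makes the race
    // visible to the owner instead of hiding it.
    function decreaseAllowance(address spender, uint256 subtractedValue) external returns (bool) {
        uint256 current = allowance[msg.sender][spender];
        require(current >= subtractedValue, "decreased allowance below zero");
        uint256 newAllowance = current - subtractedValue;
        allowance[msg.sender][spender] = newAllowance;
        emit Approval(msg.sender, spender, newAllowance);
        return true;
    }
}
```

The two relative functions do not change approve() itself (it must stay for ERC20 compatibility); they give token owners a way to adjust an existing allowance that is safe regardless of how a pending transferFrom is ordered relative to their transaction.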