code-423n4 / 2022-04-mimo-findings


Non-standard ERC20 Tokens are Not Supported #127

Open code423n4 opened 2 years ago

code423n4 commented 2 years ago

Lines of code

https://github.com/code-423n4/2022-04-mimo/blob/main/supervaults/contracts/SuperVault.sol#L97

Vulnerability details

When trying to call SuperVault.executeOperation, the transaction reverts. This is because the call to asset.approve() on line 97 doesn't match the expected function signature of approve() on the target contract, as in the case of USDT.

This issue exists in any call to the approve function when the asset could be any ERC20.

Recommendation: consider using safeApprove of OZ
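
The failure mode reported above, as an added example that is not part of the original report or of the Mimo code base: an interface that declares `approve` as returning `bool` reverts against a token whose `approve` returns no data, while a low-level call that accepts empty return data succeeds. `NoReturnToken`, `ApproveDemo`, the function names and the compiler version are assumptions made for illustration, and the tolerant path follows the same accept-empty-or-true check that OpenZeppelin's SafeERC20 applies.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.10; // assumed compiler version for this example

// Standard ERC20 shape: approve() is declared to return bool.
interface IERC20 {
    function approve(address spender, uint256 amount) external returns (bool);
}

// Constructed stand-in for a USDT-style token: approve() returns no data.
contract NoReturnToken {
    mapping(address => mapping(address => uint256)) public allowance;

    function approve(address spender, uint256 amount) external {
        // USDT-style rule: a non-zero allowance must be reset to 0 first.
        require(amount == 0 || allowance[msg.sender][spender] == 0, "reset first");
        allowance[msg.sender][spender] = amount;
    }
}

// Hypothetical caller, not SuperVault itself.
contract ApproveDemo {
    // Reverts against NoReturnToken: the compiler-generated decoder expects
    // 32 bytes of return data for the declared bool and receives none.
    function approveDirect(IERC20 asset, address spender, uint256 amount) external {
        asset.approve(spender, amount);
    }

    // Works for both token styles: reset the allowance to 0, then set it,
    // treating empty return data as success.
    function approveTolerant(IERC20 asset, address spender, uint256 amount) external {
        _approveOptionalReturn(address(asset), spender, 0);
        _approveOptionalReturn(address(asset), spender, amount);
    }

    function _approveOptionalReturn(address token, address spender, uint256 amount) private {
        bytes memory data = abi.encodeWithSelector(IERC20.approve.selector, spender, amount);
        require(token.code.length > 0, "not a contract");
        (bool ok, bytes memory ret) = token.call(data);
        require(ok, "approve call failed");
        require(ret.length == 0 || abi.decode(ret, (bool)), "approve returned false");
    }
}
```

Deploying both contracts in a local test environment and calling `approveDirect` with the `NoReturnToken` address reverts, while `approveTolerant` sets the allowance.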

m19 commented 2 years ago

Duplicate of #145

gzeoneth commented 2 years ago

Judging as Med Risk as function availability could be impacted. Unlike the core protocol, SuperVault can take any token as input, and USDT is listed on various lending protocols like AAVE.