As the BathToken is meant to be agnostic and introduce an asset to the Rubicon market, support for a wide array of the top cryptocurrencies is expected. One of the top ones is USDT (Tether), which the codebase is incompatible with due to the unique way the USDT approvals operate. In detail, a non-zero approval of USDT is only allowed when the existing approval is zero and vice versa. This causes iterative approve instructions to lead to a fatal failure due to the require check present in USDT and in particular line 205.
Impact
The USDT asset will cause any consequent approvals to fail (either due to a proxy upgrade or a call to approveMarket), potentially locking funds within the system and causing general misbehaviours.
Solution (Recommended Mitigation Steps)
We advise the code to perform an approval of 0 prior to any non-zero approval via a utility function to ensure token support of the top cryptocurrencies is satisfied.
PoC
Issue is deducible by inspecting the relevant lines referenced in the issue, making note of the non-zero approve operations and cross-referencing the code with the USDT implementation linked above.
bghughes
commented
2 years ago
Lines of code
https://github.com/code-423n4/2022-05-rubicon/blob/main/contracts/rubiconPools/BathToken.sol#L214 https://github.com/code-423n4/2022-05-rubicon/blob/main/contracts/rubiconPools/BathToken.sol#L256
Vulnerability details
BTN-01M: Improper Integration of EIP-20 Standard for Non-Compliant Tokens (i.e. USDT)
Description
As the
BathTokenis meant to be agnostic and introduce an asset to the Rubicon market, support for a wide array of the top cryptocurrencies is expected. One of the top ones is USDT (Tether), which the codebase is incompatible with due to the unique way the USDT approvals operate. In detail, a non-zero approval of USDT is only allowed when the existing approval is zero and vice versa. This causes iterativeapproveinstructions to lead to a fatal failure due to therequirecheck present in USDT and in particular line 205.Impact
The USDT asset will cause any consequent approvals to fail (either due to a proxy upgrade or a call to
approveMarket), potentially locking funds within the system and causing general misbehaviours.Solution (Recommended Mitigation Steps)
We advise the code to perform an approval of
0prior to any non-zero approval via a utility function to ensure token support of the top cryptocurrencies is satisfied.PoC
Issue is deducible by inspecting the relevant lines referenced in the issue, making note of the non-zero
approveoperations and cross-referencing the code with the USDT implementation linked above.Tools
Manual inspection of the codebase.