As the BathToken is meant to be agnostic and introduce an asset to the Rubicon market, support for a wide array of the top cryptocurrencies is expected. One of the top ones is USDT (Tether), which the codebase is incompatible with due to the unique way the USDT approvals operate. In detail, a non-zero approval of USDT is only allowed when the existing approval is zero and vice versa. This causes iterative approve instructions to lead to a fatal failure due to the require check present in USDT and in particular line 205.
Impact
The USDT asset will cause any consequent approvals to fail (either due to a proxy upgrade or a call to approveMarket), potentially locking funds within the system and causing general misbehaviours.
Solution (Recommended Mitigation Steps)
We advise the code to perform an approval of 0 prior to any non-zero approval via a utility function to ensure token support of the top cryptocurrencies is satisfied.
PoC
Issue is deducible by inspecting the relevant lines referenced in the issue, making note of the non-zero approve operations and cross-referencing the code with the USDT implementation linked above.
Lines of code
https://github.com/code-423n4/2022-05-rubicon/blob/main/contracts/rubiconPools/BathToken.sol#L214 https://github.com/code-423n4/2022-05-rubicon/blob/main/contracts/rubiconPools/BathToken.sol#L256
Vulnerability details
BTN-01M: Improper Integration of EIP-20 Standard for Non-Compliant Tokens (i.e. USDT)
Description
As the
BathToken
is meant to be agnostic and introduce an asset to the Rubicon market, support for a wide array of the top cryptocurrencies is expected. One of the top ones is USDT (Tether), which the codebase is incompatible with due to the unique way the USDT approvals operate. In detail, a non-zero approval of USDT is only allowed when the existing approval is zero and vice versa. This causes iterativeapprove
instructions to lead to a fatal failure due to therequire
check present in USDT and in particular line 205.Impact
The USDT asset will cause any consequent approvals to fail (either due to a proxy upgrade or a call to
approveMarket
), potentially locking funds within the system and causing general misbehaviours.Solution (Recommended Mitigation Steps)
We advise the code to perform an approval of
0
prior to any non-zero approval via a utility function to ensure token support of the top cryptocurrencies is satisfied.PoC
Issue is deducible by inspecting the relevant lines referenced in the issue, making note of the non-zero
approve
operations and cross-referencing the code with the USDT implementation linked above.Tools
Manual inspection of the codebase.