Closed code423n4 closed 1 year ago
BridgeToken
inherits the ERC20 specification from open zeppelin, so there is no possibility of the token being non-compliant with ERC20 specification under the hood.
This is not necessarily true, because there could always be different tokens enrolled for the token registry via the enrollCustom
function. However, the BridgeToken
contract is not in scope.
Out of scope and _approve
is correctly handled under the hood.
Lines of code
https://github.com/code-423n4/2022-06-connext/blob/b4532655071566b33c41eac46e75be29b4a381ed/contracts/contracts/core/connext/helpers/BridgeToken.sol#L121-L139
Vulnerability details
Impact
Tokens not compliant with the ERC20 specification could return false from the approve function call to indicate the approval fails, while the calling contract would not notice the failure if the return value is not checked.
Proof of Concept
https://github.com/code-423n4/2022-06-connext/blob/b4532655071566b33c41eac46e75be29b4a381ed/contracts/contracts/core/connext/helpers/BridgeToken.sol#L121-L139
Tools Used
Manual review
Recommended Mitigation Steps
Use the
safeApprove
function instead, which reverts the transaction with a proper error message when the return value ofapprove
is false. A better approach is to use thesafeIncreaseAllowance
function, which mitigates the multiple withdrawal attack on ERC20 tokens.