QA Report - Githubissues

code423n4 commented 2 years ago

Don't use deprecated library functions

Information : L005 - Do not use Deprecated Library Functions SafeERC20.sol - safeApprove

Instances include :

core/connext/libraries/AssetLogic.sol:347:        SafeERC20.safeApprove(IERC20(_assetIn), address(pool), _amountIn);

Recommendation

Usage of deprecated library functions, for instance safeApprove from OpenZeppelin's SafeERC20 library is discouraged, it is recommended to use safeIncreaseAllowance and safeDecreaseAllowance instead, for example :

core/connext/libraries/AssetLogic.sol:347:        SafeERC20.safeIncreaseAllowance(IERC20(_assetIn), address(pool), _amountIn);

liu-zhipeng commented 2 years ago

fixed

jakekidd commented 2 years ago

approval needs to be reset to 0 and then increased, so we are stuck using safeApprove method in order to do so

I suppose this issue is still valid, however

code-423n4 / 2022-06-connext-findings

QA Report #276

Don't use deprecated library functions

Instances include :

Recommendation