code-423n4 / 2022-06-nested-findings


Gas Optimizations #74

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

1. While setting the allowance to 0, using _token.safeApprove() makes fewer external calls, which saves gas

Snippet from the ExchangeHelpers library:

  function setMaxAllowance(IERC20 _token, address _spender) internal {
      uint256 _currentAllowance = _token.allowance(address(this), _spender);
      if (_currentAllowance != type(uint256).max) {
          // Decrease to 0 first for tokens mitigating the race condition
          _token.safeDecreaseAllowance(_spender, _currentAllowance);
          _token.safeIncreaseAllowance(_spender, type(uint256).max);
      }
  }

Snippet from OpenZeppelin's SafeERC20 library:

    function safeApprove(
        IERC20 token,
        address spender,
        uint256 value
    ) internal {
        // safeApprove should only be called when setting an initial allowance,
        // or when resetting it to zero. To increase and decrease it, use
        // 'safeIncreaseAllowance' and 'safeDecreaseAllowance'
        require(
            (value == 0) || (token.allowance(address(this), spender) == 0),
            "SafeERC20: approve from non-zero to non-zero allowance"
        );
        _callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value));
    }

obatirou commented 2 years ago

1. While setting the allowance to 0, using _token.safeApprove() makes fewer external calls, which saves gas (disputed)

The auditor suggests using safeApprove to avoid calling allowance, but if you don't call allowance we won't be able to check whether the allowance is already at the UINT256 maximum or not.
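
An added example, not from the thread or the project's code base: a variant of `setMaxAllowance` that keeps the single `allowance()` read used for the max check and changes only the zeroing step to `safeApprove(_spender, 0)`. It assumes OpenZeppelin Contracts 4.x, where `safeDecreaseAllowance` and `safeIncreaseAllowance` each read the allowance before calling `approve`; the library name `ExchangeHelpersExample` is hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";

// Added example (hypothetical library name), assuming OpenZeppelin Contracts 4.x.
library ExchangeHelpersExample {
    using SafeERC20 for IERC20;

    /// External calls to the token when the allowance is not already max:
    ///   original: allowance (max check)
    ///             + allowance, approve (safeDecreaseAllowance)
    ///             + allowance, approve (safeIncreaseAllowance)   = 5
    ///   variant:  allowance (max check)
    ///             + approve (safeApprove to 0)
    ///             + allowance, approve (safeIncreaseAllowance)   = 4
    function setMaxAllowance(IERC20 _token, address _spender) internal {
        // The allowance is still read once, so an allowance that is
        // already type(uint256).max costs one external call and no approve.
        uint256 _currentAllowance = _token.allowance(address(this), _spender);
        if (_currentAllowance != type(uint256).max) {
            // Reset to 0 first for tokens mitigating the race condition.
            // With value == 0 the require in safeApprove short-circuits on
            // (value == 0), so token.allowance() is not called a second time.
            _token.safeApprove(_spender, 0);
            // Unchanged from the original: the allowance is now 0, so
            // 0 + type(uint256).max does not overflow.
            _token.safeIncreaseAllowance(_spender, type(uint256).max);
        }
    }
}
```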