Some tokens do not implement the ERC20 standard properly but are still accepted by most code that accepts ERC20 tokens. For example, Tether (USDT)'s approve() function reverts if the current allowance is not zero, to protect against front-running of allowance changes.
The FraxlendPairCore contract as currently implemented does not handle these sorts of tokens properly when they are used with a swapper in the leveragedPosition and repayAssetWithCollateral functions, which can result in reverts.
Lines of code
https://github.com/code-423n4/2022-08-frax/blob/c4189a3a98b38c8c962c5ea72f1a322fbc2ae45f/src/contracts/FraxlendPairCore.sol#L1103
https://github.com/code-423n4/2022-08-frax/blob/c4189a3a98b38c8c962c5ea72f1a322fbc2ae45f/src/contracts/FraxlendPairCore.sol#L1184
Vulnerability details
Impact
Some tokens do not implement the ERC20 standard properly but are still accepted by most code that accepts ERC20 tokens. For example, Tether (USDT)'s approve() function reverts if the current allowance is not zero, to protect against front-running of allowance changes.
The FraxlendPairCore contract as currently implemented does not handle these sorts of tokens properly when they are used with a swapper in the leveragedPosition and repayAssetWithCollateral functions, which can result in reverts.
Proof of Concept
leveragedPosition
- https://github.com/code-423n4/2022-08-frax/blob/c4189a3a98b38c8c962c5ea72f1a322fbc2ae45f/src/contracts/FraxlendPairCore.sol#L1103
repayAssetWithCollateral
- https://github.com/code-423n4/2022-08-frax/blob/c4189a3a98b38c8c962c5ea72f1a322fbc2ae45f/src/contracts/FraxlendPairCore.sol#L1184
Tools Used
Manual Review / VSCode
Recommended Mitigation Steps
It is recommended to consider using OpenZeppelin's SafeERC20's:
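The following is an added illustration, not code from the Fraxlend repository or the finding itself. It pairs a constructed USDT-style mock (approve() reverts when a non-zero allowance is changed directly to another non-zero value) with the plain approve() pattern that trips over it and a reset-to-zero pattern equivalent to what SafeERC20's forceApprove does (assumption: OpenZeppelin 4.9 or later; the logic is inlined here so the example compiles without that dependency).

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

interface IERC20 {
    function approve(address spender, uint256 amount) external returns (bool);
    function allowance(address owner, address spender) external view returns (uint256);
}

/// Constructed stand-in for a USDT-style token (not the real contract): approve()
/// reverts when a non-zero allowance is changed directly to another non-zero value.
contract UsdtLikeToken is IERC20 {
    mapping(address => mapping(address => uint256)) private _allowance;
    function approve(address spender, uint256 amount) external override returns (bool) {
        require(amount == 0 || _allowance[msg.sender][spender] == 0, "reset allowance to 0 first");
        _allowance[msg.sender][spender] = amount;
        return true;
    }
    function allowance(address owner, address spender) external view override returns (uint256) {
        return _allowance[owner][spender];
    }
}

/// Two ways a pair contract could grant a swapper an allowance before calling it.
contract ApprovalDemo {
    /// Vulnerable pattern: plain approve(). Succeeds the first time, but if the
    /// swapper consumed less than the full allowance, the next call reverts on a
    /// USDT-style token because the stale allowance is non-zero.
    function unsafeApprove(IERC20 token, address swapper, uint256 amount) external {
        token.approve(swapper, amount);
    }

    /// Hardened pattern: reset to zero when a stale allowance exists, then set the
    /// new value. Same logic as SafeERC20.forceApprove (OpenZeppelin >= 4.9,
    /// assumption), inlined here so the example has no external dependency.
    function forceApprove(IERC20 token, address swapper, uint256 amount) external {
        if (token.allowance(address(this), swapper) != 0) {
            _approveOptionalReturn(address(token), swapper, 0);
        }
        _approveOptionalReturn(address(token), swapper, amount);
    }

    /// Low-level approve that also tolerates tokens returning no bool (another
    /// USDT quirk that makes a typed IERC20.approve() call revert on decoding).
    function _approveOptionalReturn(address token, address spender, uint256 amount) private {
        (bool ok, bytes memory ret) = token.call(abi.encodeWithSelector(IERC20.approve.selector, spender, amount));
        require(ok && (ret.length == 0 || abi.decode(ret, (bool))), "approve failed");
    }
}
```

Calling unsafeApprove twice against UsdtLikeToken with a non-zero amount reverts on the second call, while forceApprove succeeds both times.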