Closed c4-bot-2 closed 2 months ago
Report of satisfactory quality and weird token behavior is in scope as per README
3docSec marked the issue as satisfactory
3docSec marked the issue as selected for report
3docSec marked the issue as duplicate of #10
3docSec marked the issue as not selected for report
Lines of code
https://github.com/code-423n4/2024-06-krystal-defi/blob/f65b381b258290653fa638019a5a134c4ef90ba8/src/Common.sol#L551
Vulnerability details
Impact
Common._swap() may revert for tokens that do not allow an approval amount of 0.
Proof of Concept
As indicated by Common._safeResetAndApprove(), some tokens do not allow an approval amount of 0. However, inside Common._swap() such an approval of 0 is attempted at L551 (`_safeApprove(tokenIn, swapRouter, 0);`), where _safeApprove() propagates any failure of the approve call as a revert. This means that L551 may cause a revert with such a token.
Recommended Mitigation Steps
Take precautions similar to those in _safeResetAndApprove(), setting approval to 1 in case of failure.
Assessed type
ERC20
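As an added illustration (not code from the Krystal DeFi repository), the following self-contained Solidity contrasts the strict approve(0) reset described in the proof of concept with the tolerant reset the mitigation recommends. The NoZeroApprovalToken mock, the ApprovalReset library, the Demo contract and the ROUTER address are constructed for this example, and safeApprove is an assumed shape of a strict approve helper, not the project's own _safeApprove.

```solidity
pragma solidity ^0.8.20;
interface IERC20 {
    function approve(address spender, uint256 value) external returns (bool);
}

// Constructed mock of a token that rejects an approval amount of 0.
contract NoZeroApprovalToken is IERC20 {
    mapping(address => mapping(address => uint256)) public allowance;
    function approve(address spender, uint256 value) external returns (bool) {
        require(value != 0, "approve(0) not allowed");
        allowance[msg.sender][spender] = value;
        return true;
    }
}

library ApprovalReset {
    // Assumed strict helper: a reverting call or a returned false reverts the caller.
    function safeApprove(IERC20 token, address spender, uint256 value) internal {
        (bool ok, bytes memory data) =
            address(token).call(abi.encodeWithSelector(IERC20.approve.selector, spender, value));
        require(ok && (data.length == 0 || abi.decode(data, (bool))), "approve failed");
    }
    // Cleanup as the report describes L551: approve(0) via the strict helper,
    // which reverts the whole swap against a token like the mock above.
    function resetStrict(IERC20 token, address spender) internal {
        safeApprove(token, spender, 0);
    }
    // Hardened cleanup per the recommendation: try approve(0) and, only if the
    // token rejects it, fall back to a 1 wei allowance instead of reverting.
    function resetTolerant(IERC20 token, address spender) internal {
        (bool ok, bytes memory data) =
            address(token).call(abi.encodeWithSelector(IERC20.approve.selector, spender, 0));
        if (!ok || (data.length != 0 && !abi.decode(data, (bool)))) {
            safeApprove(token, spender, 1);
        }
    }
}

// Exercise both paths: resetStrict() reverts, resetTolerant() returns 1.
contract Demo {
    NoZeroApprovalToken public token = new NoZeroApprovalToken();
    address public constant ROUTER = address(0xBEEF); // hypothetical router
    function resetStrict() external { ApprovalReset.resetStrict(token, ROUTER); }
    function resetTolerant() external returns (uint256) {
        ApprovalReset.safeApprove(token, ROUTER, 100); // leftover swap allowance
        ApprovalReset.resetTolerant(token, ROUTER);
        return token.allowance(address(this), ROUTER);
    }
}
```

Deploy Demo in a local test environment: calling resetStrict() reverts with "approve(0) not allowed", while resetTolerant() completes and leaves the router allowance at 1.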