hats-finance / Convergence-Finance---IBO-0x0e410e7af8e70fc5bffcdbfbdf1673ee7b3d0777

IBO, Vesting & Bond mechanism repo prepared for the Hats Finance audit competition

`Ibo.sol` cannot work with USDT-like tokens #8

Open hats-bug-reporter[bot] opened 1 year ago

hats-bug-reporter[bot] commented 1 year ago

Github username: @iamjakethehuman Submission hash (on-chain): 0xe54042bc2eb0c5fab5e410dcad967fdf29ca91eb053cbda7d547e825c5aecfef Severity: medium

Description: The `Ibo.sol` contract cannot work with USDT-like tokens.

Attack Scenario: Upon creating a bond, the owner of the creator chooses a token to be used when depositing into said bond. The problem is that the current implementation doesn't support USDT (and USDT-like tokens such as BNB).

    struct BondParams {
        uint8 composedFunction;
        IERC20Metadata token;  //@audit - IERC20Metadata interface is used
        uint24 gamma;
        uint16 scale;
        uint24 minRoi; // Min bond ROI, divide by 1000 to get the roi in %
        uint24 maxRoi; // Max bond ROI, divide by 1000 to get the roi in %
        uint256 percentageMaxCvgToMint; // Percentage maximum of the maxCvgToMint that an user can mint in one deposit
        uint256 maxCvgToMint; // Limit of Max CVG to mint
    }

    // excerpt from the deposit path, where the token chosen above is pulled in
    /// @dev deposit asset in the bondContract
    _bondParams.token.transferFrom(msg.sender, treasuryBonds, amountIn);

The problem here is that due to the used interface, upon calling token.transferFrom a boolean value is expected to be returned. However, some tokens such as USDT and BNB do not return such value. Since a boolean value is expected, but is not returned, the transaction will revert. Tokens such as USDT and BNB cannot be used.

Attachments

  1. Proof of Concept (PoC) File: PoC not needed here.

  2. Revised Code File (Optional)
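As an added illustration (not code from the Convergence repo or from the reporter), a constructed USDT-style mock beside a deposit written the way the report quotes it and a hardened version using OpenZeppelin's SafeERC20; the contract and variable names here are assumed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import "@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol";
import "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";

/// Constructed mock of a USDT-style token (not the real contract):
/// transferFrom has no `returns (bool)`, so the call returns zero bytes.
contract NoReturnToken {
    mapping(address => uint256) public balanceOf;
    mapping(address => mapping(address => uint256)) public allowance;
    constructor(uint256 supply) { balanceOf[msg.sender] = supply; }
    function approve(address spender, uint256 amount) external {
        allowance[msg.sender][spender] = amount;
    }
    function transferFrom(address from, address to, uint256 amount) external {
        require(allowance[from][msg.sender] >= amount, "allowance");
        allowance[from][msg.sender] -= amount;
        balanceOf[from] -= amount; // 0.8 checked arithmetic reverts on underflow
        balanceOf[to] += amount;
    }
}

/// Deposit as the report describes it: IERC20Metadata declares a bool return,
/// so the compiler ABI-decodes one from the return data. Zero bytes back
/// means the decode fails and the whole deposit reverts for NoReturnToken.
contract VulnerableDeposit {
    IERC20Metadata public immutable token;
    address public immutable treasuryBonds;
    constructor(IERC20Metadata t, address treasury) { token = t; treasuryBonds = treasury; }
    function deposit(uint256 amountIn) external {
        token.transferFrom(msg.sender, treasuryBonds, amountIn); // reverts for USDT-like tokens
    }
}

/// Hardened deposit: SafeERC20 makes a low-level call, accepts empty return
/// data from a contract as success, and still reverts on `false` or a failed call.
contract SafeDeposit {
    using SafeERC20 for IERC20;
    IERC20 public immutable token;
    address public immutable treasuryBonds;
    constructor(IERC20 t, address treasury) { token = t; treasuryBonds = treasury; }
    function deposit(uint256 amountIn) external {
        token.safeTransferFrom(msg.sender, treasuryBonds, amountIn); // works for both token kinds
    }
}
```

Deploying `NoReturnToken`, approving each deposit contract and calling `deposit` shows the first revert and the second succeed; the same `safeTransferFrom` path also behaves correctly with a standard bool-returning ERC20.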

walk-on-me commented 1 year ago

Hello, thanks a lot for your attention. You are right that we are not compatible with USDT on the IBO. But we'll not use USDT or non-ERC20-compatible tokens on the IBO.

In some other part of our protocol not shown in the audit, we are using a customized interface without boolean returns.

We therefore have to consider this issue as Invalid.