The decimals() function is not a part of the ERC-20 standard, and was added later as an optional extension. As such, some valid ERC20 tokens do not support this interface, so it is unsafe to blindly cast all tokens to this interface, and then call this function.
Hello,
Thanks a lot for your attention.
We will only use token that follow the erc20 standards.
In conclusion we have so to consider this issue as invalid.
Github username: @saidqayoumsadat Submission hash (on-chain): 0xfe0fae9c4c1fa38373b80cab8368ba557914fb700c56bebd46176aba04bef23d Severity: low
Description: Description
The decimals() function is not a part of the ERC-20 standard, and was added later as an optional extension. As such, some valid ERC20 tokens do not support this interface, so it is unsafe to blindly cast all tokens to this interface, and then call this function.
https://github.com/Cvg-Finance/hats-audit/blob/da48577d2f42fa8c2e35bb7223208ea6ba88012e/contracts/Oracles/CvgOracle.sol#L212-L213
https://github.com/Cvg-Finance/hats-audit/blob/da48577d2f42fa8c2e35bb7223208ea6ba88012e/contracts/PresaleVesting/Ibo.sol#L291