Open hats-bug-reporter[bot] opened 3 months ago
For the approval of USDT,, which chain you think this will create an issue ?
We will deploy this version for EVM chain only mostly Eth, Base, BNB and arb followed by other EVM chain..
For the approval of USDT,, which chain you think this will create an issue ?
We will deploy this version for EVM chain only mostly Eth, Base, BNB and arb followed by other EVM chain..
For sure, the USDT on Ethereum mainnet will be affected. Base, BSC, Arb are not affected. Other EVM, need to check USDT contract's code.
Thank you for submitting the issue. We've resolved it and pushed the changes, which can be found here: https://github.com/Velvet-Capital/velvet-core/commit/25ef3e7a2bdf56f57901dba2f84ebf5ed5df7835
@chainNue
Github username: -- Twitter username: -- Submission hash (on-chain): 0x3b176f1644b312569f5ab491f6c1d4101a3dad77de404565732eeac32fdb36ca Severity: medium
Description: Description:
In
DepositBatch
,multiTokenSwapAndTransfer
function, there is a plainApprove
ERC20 function which need to be concerned.When the
_token
being approved is USDT in Mainnet, it's a well-known issue it will be reverted. The token have limitations when it comes to modifying the allowance from a non-zero value. For instance, the approve() function of Tether (USDT) will throw an error if the current approval is not set to zero.Based on velvet capital docs, with current depoloyment (BSC and Arbitrum) this USDT is not being an issue, but the
Intent OS
is aim for multi-chain deployment.Impact:
Approval of USDT token will fail, deposit will not success for any USDT token on mainnet
Mitigation:
Recommend setting allowance to zero first before setting it to a non zero value, or use a safe increase allowance