Some tokens (like USDT) do not work when changing the allowance from an existing non-zero allowance value.They must first be approved by zero and then the actual allowance must be approved.
This vulnerability could result in an inability to transfer tokens due to the requirement of first setting the allowance to zero, then re-approving the allowance to the desired value.
jasonxiale
medium
Approval Race Protections
Summary
Some tokens (like USDT) do not work when changing the allowance from an existing non-zero allowance value.They must first be approved by zero and then the actual allowance must be approved.
Vulnerability Detail
https://github.com/sherlock-audit/2023-04-footium/blob/main/footium-eth-shareable/contracts/FootiumEscrow.sol#L75-L81
Impact
This vulnerability could result in an inability to transfer tokens due to the requirement of first setting the allowance to zero, then re-approving the allowance to the desired value.
Code Snippet
Tool used
Manual Review
Recommendation