USDT needs safeApprove(0) before setting a new approval
Summary
Some tokens (like USDT) do not work when changing the allowance from an existing non-zero allowance value.They must first be approved by zero and then the actual allowance must be approved
Vulnerability Detail
In FlashLoan.sol, we are approving type(uint256).max when repaying the tokens that we borrowed. However, there are some tokens like USDT that dont allow to approve allowance from non-zero value to non-zero value. So if you try to approve a non-zero value when it already had allowance, the tx will fail. In the _loan() function, it will approve the max value every time this function is called, so the second time it will fail.
Impact
The tx will fail if you have already set the allowance to the contract before. The function approves the max value every time this function is called, so the second time it will fail
Arz
medium
USDT needs safeApprove(0) before setting a new approval
Summary
Some tokens (like USDT) do not work when changing the allowance from an existing non-zero allowance value.They must first be approved by zero and then the actual allowance must be approved
Vulnerability Detail
In FlashLoan.sol, we are approving type(uint256).max when repaying the tokens that we borrowed. However, there are some tokens like USDT that dont allow to approve allowance from non-zero value to non-zero value. So if you try to approve a non-zero value when it already had allowance, the tx will fail. In the _loan() function, it will approve the max value every time this function is called, so the second time it will fail.
Impact
The tx will fail if you have already set the allowance to the contract before. The function approves the max value every time this function is called, so the second time it will fail
Code Snippet
https://github.com/sherlock-audit/2023-05-ironbank/blob/main/ib-v2/src/flashLoan/FlashLoan.sol#L108
Tool used
Manual Review
Recommendation
Consider setting the allowance to 0 before the max value so that the tx doesnt fail
Duplicate of #420