Because the USDT token has a mechanism that requires the allowances to be equal to zero, the flash loan can fail.
Vulnerability Detail
The first time IERC20(token).safeApprove(ironBank, type(uint256).max); is executed, it will succeed because the allowance is zero. However,in the second time that the allowance is less than the amount, it will fail the because the allowance is not zero.
jprod15
medium
FlashLoan can be fail if token is USDT
Summary
Because the USDT token has a mechanism that requires the allowances to be equal to zero, the flash loan can fail.
Vulnerability Detail
The first time IERC20(token).safeApprove(ironBank, type(uint256).max); is executed, it will succeed because the allowance is zero. However,in the second time that the allowance is less than the amount, it will fail the because the allowance is not zero.
Impact
Code Snippet
https://github.com/sherlock-audit/2023-05-ironbank/blob/main/ib-v2/src/flashLoan/FlashLoan.sol#L107-L109
Tool used
Manual Review
Recommendation
add