not every token works FINE with IERC20 standard thus the decimal value would be wrong.
Summary
not every token works FINE with IERC20 standard
Vulnerability Detail
in the GSP.sol contract in line 78 the the code used the IERC20 meta data standard to store the decimal of the token used but the problem there are tokens like usdt which you are going to use aren't able to work perfectly fine with IERC20 standards.
Impact
the decimal storing will not work for the that kind of tokens.
consider implementing configurable mapping or a manual mechanism to allow setting the decimal value for tokens that do not conform to the standard. This way, the contract can handle weird tokens including those with non-standard implementations.
Avci
medium
not every token works FINE with IERC20 standard thus the decimal value would be wrong.
Summary
not every token works FINE with IERC20 standard
Vulnerability Detail
in the
GSP.sol
contract in line 78 the the code used the IERC20 meta data standard to store the decimal of the token used but the problem there are tokens like usdt which you are going to use aren't able to work perfectly fine with IERC20 standards.Impact
the decimal storing will not work for the that kind of tokens.
Code Snippet
https://github.com/sherlock-audit/2023-12-dodo-gsp/blob/main/dodo-gassaving-pool/contracts/GasSavingPool/impl/GSP.sol#L78
Tool used
Manual Review
Recommendation
consider implementing configurable mapping or a manual mechanism to allow setting the decimal value for tokens that do not conform to the standard. This way, the contract can handle weird tokens including those with non-standard implementations.