sherlock-admin3
commented
8 months ago 2 comment(s) were left on this issue during the judging contest.
panprog commented:
invalid, full approved amount is transfered downstream in swapadapter, thus always resetting approval back to 0 at the end of the function
takarez commented:
valid; the ReadMe says there is a chance of addign another stable coins in the fututre, so this should be valid; medium(6)
mgf15
medium
safeApprove could revert for non-standard token like USDT
Summary
Certain ERC20 token does not return bool from approve and transfer and transaction revert
Vulnerability Detail
Some non-standard tokens like USDT will revert when a contract or a user tries to approve an al- lowance when the spender allowance has already been set to a non zero value.
Impact
Some tokens do not return a bool on ERC20 methods and use IERC20 token interface will revert transaction
Code Snippet
https://github.com/sherlock-audit/2024-02-smilee-finance/blob/3241f1bf0c8e951a41dd2e51997f64ef3ec017bd/smilee-v2-contracts/src/providers/SwapAdapterRouter.sol#L161
Tool used
Manual Review
Recommendation
It is recommended to set the allowance to zero before increasing the allowance and use safeApprove/safeIncreaseAllowance.