sherlock-audit / 2024-08-flayer-judging


anon339900 - Using transfer/transferFrom instead of safeTransfer/From can cause failed transfers #701

Open sherlock-admin2 opened 1 month ago

sherlock-admin2 commented 1 month ago

anon339900

Medium

Using transfer/transferFrom instead of safeTransfer/From can cause failed transfers

Summary

Throughout the protocol, transfer/transferFrom are used instead of OpenZeppelin's safeTransferFrom. This can cause some tokens which do not fully comply with the ERC20 standard to fail, but this is also best practice.

Root Cause

These “safe” functions make sure that in case the tokens we’re interacting with return a boolean value (but only if they return something), the transaction will be reverted. Using this library, we can make sure all those weird ERC20 implementations don’t break the protocol.

These are all instances identified throughout scope: 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19

Internal pre-conditions

No response

External pre-conditions

No response

Attack Path

No response

Impact

The protocol can suffer from failed transfers even though one might go through or the opposite. It is recommended practice to use safeERC to prevent unexpected behavior.

PoC

No response

Mitigation

The recommended way to transfer ERC20 tokens and ERC721 NFTs is to use OpenZeppelin's safeERC contract.