increaseAllowance and decreaseAllowance has been deprecated by OZ #733
Labels
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
duplicate-320
low quality report
This report is of especially low quality
unsatisfactory
does not satisfy C4 submission criteria; not eligible for awards
Comments
c4-submissions
added
2 (Med Risk)
|
raymondfam marked the issue as low quality report |
c4-pre-sort
added
the
low quality report
|
raymondfam marked the issue as duplicate of #320 |
|
gzeon-c4 marked the issue as unsatisfactory: |
c4-judge
added
the
unsatisfactory
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Lines of code
https://github.com/code-423n4/2023-09-centrifuge/blob/main/src/token/ERC20.sol#L139
https://github.com/code-423n4/2023-09-centrifuge/blob/main/src/token/ERC20.sol#L148
Vulnerability details
Impact
Using these functions will result in unexpected behaviour which will cause contracts to become corrupted.
Proof of Concept
increaseAllowance and decreaseAllowance are already considered non-standard function and has now been deprecated. Check this.
Tools Used
Manual Review
Recommended Mitigation Steps
Utilise updated version of OZ ERC-20 contracts.
Assessed type
ERC20
The text was updated successfully, but these errors were encountered: