Skip to content

Latest commit

 

History

History
43 lines (22 loc) · 1.26 KB

047.md

File metadata and controls

43 lines (22 loc) · 1.26 KB

Sneaky Neon Skunk

Medium

ERC-20 Approval Vulnerability in Pool Creation Function

Summary

The Auction.sol::createPool function in the contract uses the approve method to allow the factory contract to spend an ERC-20 token on behalf of the caller. However, some ERC-20 token implementations may not return a value when approve is called, which could lead to unexpected behavior or vulnerabilities in contracts that rely on this return value to verify success. In this case, failing to check for the return value may cause the approval process to be ineffective, leaving the contract susceptible to attacks where a malicious actor could exploit the lack of validation. To mitigate this, the function should use safeApprove to ensure that the approval succeeds safely and correctly, preventing any potential issues with non-compliant ERC-20 tokens.

Root Cause

https://github.com/sherlock-audit/2024-12-plaza-finance/blob/main/plaza-evm/src/PreDeposit.sol#L154

Internal Pre-conditions

No response

External Pre-conditions

No response

Attack Path

No response

Impact

No response

PoC

No response

Mitigation

// Replace approve with safeApprove
IERC20(params.reserveToken).safeApprove(address(factory), reserveAmount);