Skip to content
This repository has been archived by the owner on Dec 17, 2023. It is now read-only.

IceBear - Deprecated safeApprove() function #27

Closed
sherlock-admin opened this issue Jun 11, 2023 · 0 comments
Closed

IceBear - Deprecated safeApprove() function #27

sherlock-admin opened this issue Jun 11, 2023 · 0 comments
Labels
Non-Reward This issue will not receive a payout

Comments

@sherlock-admin
Copy link
Contributor

sherlock-admin commented Jun 11, 2023
edited by github-actions bot
Loading

IceBear

medium

Deprecated safeApprove() function

Summary

Deprecated safeApprove() function

Vulnerability Detail

The OpenZeppelin ERC20 safeApprove() function has been deprecated, as seen in the comments of the OpenZeppelin code.

Impact

safeApprove() is Deprecated because has issues similar to the ones found in {IERC20-approve}, and its usage is discouraged.

Read More: SafeERC20.safeApprove() Has unnecessary and unsecure added behavior
OpenZeppelin/openzeppelin-contracts#2219

Code Snippet

https://github.com/sherlock-audit/2023-05-ironbank/blob/main/ib-v2/src/flashLoan/FlashLoan.sol#L108

Tool used

Manual Review

Recommendation

As suggested by the OpenZeppelin comment, replace safeApprove() with safeIncreaseAllowance() or safeDecreaseAllowance() instead.

Duplicate of #420
@github-actions github-actions bot added Medium A valid Medium severity issue Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label labels Jun 19, 2023
@sherlock-admin sherlock-admin added Non-Reward This issue will not receive a payout and removed Medium A valid Medium severity issue Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label labels Jun 25, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
Non-Reward This issue will not receive a payout
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sherlock-admin