Depreciated function and frontunning on decreaseAllowance #323
Labels
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
duplicate-320
low quality report
This report is of especially low quality
unsatisfactory
does not satisfy C4 submission criteria; not eligible for awards
Lines of code
https://github.com/code-423n4/2023-09-centrifuge/blob/512e7a71ebd9ae76384f837204216f26380c9f91/src/token/ERC20.sol#L139
https://github.com/code-423n4/2023-09-centrifuge/blob/512e7a71ebd9ae76384f837204216f26380c9f91/src/token/ERC20.sol#L148
Vulnerability details
OpenZeppelin/openzeppelin-contracts#4585
These functions are not part of the EIP-20 specs.
These functions may allow for further phishing possibilities (instead of the common approve or permit ones; see e.g. just 12 hours ago someone lost $24m since he got tricked into signing a malicious increaseAllowance payload https://etherscan.io/tx/0xcbe7b32e62c7d931a28f747bba3a0afa7da95169fcf380ac2f7d54f3a2f77913).
The security concerns that fix increaseAllowance and decreaseAllowance are not critical in the wild (and both can be frontrunned also).
Impact
It invites phishing and frontrunning
Proof of Concept
Tools Used
Manual Review
Recommended Mitigation Steps
Use safeIncreaseAllowance & safeDecreaseAllowance, it uses forceApproval. It's better to use non-depreciated standards to not affect future development.
https://github.com/OpenZeppelin/openzeppelin-contracts/blob/60e3ffe6a3cc38ab94cae995bc1de081eed79335/contracts/token/ERC20/utils/SafeERC20.sol#L48-L69
Assessed type
ERC20
The text was updated successfully, but these errors were encountered: