🤦♂️Failing to Reset Token Approvals in Case of Failed Transactions or other actions
Watch out for try-catch patterns where a transaction could fail but the code continues meaning that any approvals made before the try-catch block remains
[H-05] Approval is not reset if the call to IFulfillHelper fails
In the linked bug bounty report, The smart contract uses a function fulfill, which initially approves the callTo function to transfer a specific amount of toSend tokens. This approval process attempts to call an IFulfillHelper, a function to add funds into the contract. If this call fails, the function transfers the assets directly to the receiver.
However, a vulnerability arises due to the fact that the approval is not reset if the call fails. This is a security risk because a malicious callTo function could potentially extract these approved tokens at a later point. The approval remains in place even if the call to the IFulfillHelper function fails and the tokens are transferred directly.
This issue exists because there are no explicit mechanisms in the function's implementation to handle failed transactions and reset the approval accordingly.
Thus, it is essential to remember to incorporate a feature to reset approvals in cases of failed transactions, in order to protect against malicious actions in smart contracts.
Here is another issue:
[H-03] Approval for NFT transfers is not removed after transfer
Last updated