💭Miscellaneous

Book an audit with Zokyo

Miscellaneous Vulnerability 1: type(uint256).max Approval Vulnerability

In the Ethereum smart contract, uint256 is the most significant integer type, capable of representing numbers as large as 2^256 - 1, known as uint256.max. It is a common practice for developers to set the value of uint256.max as the maximum allowance to facilitate token transfers without needing to adjust allowances frequently.

However, the specific vulnerability you described is related to the _approve function where a token holder gives another address (usually a smart contract) permission to spend tokens on their behalf up to a certain limit or "allowance". When this allowance is set to uint256.max, instead of setting the maximum possible value, it remains at its previous value or even gets set to zero due to the way the smart contract interprets this extreme value.

The root of this issue lies in the smart contract not correctly handling the uint256.max input. It is important to note that due to how Ethereum handles arithmetic operations, the maximum effective allowance one can set is uint256.max - 1.

Setting an allowance to uint256.max might result in an underflow error, which occurs when an arithmetic operation yields a result that is less than the minimum representable value. This could lead to unexpected behavior like setting the allowance to zero.

Therefore, developers should consider this caveat when setting allowances and adjust their contracts to handle this edge case properly. Moreover, users should be aware that attempting to set an allowance to uint256.max might not provide the desired outcome due to this issue, and a safer approach would be to set the allowance to uint256.max - 1.

Miscellaneous Vulnerability 2: Watch out for protocols that require the user to approve the contract but have unsafe functionality

Examples:

• [H-13] Anyone Can Arbitrarily Mint Synthetic Assets In VaderPoolV2.mintSynth()

• [H-14] Anyone Can Arbitrarily Mint Fungible Tokens In VaderPoolV2.mintFungible()

• [H-26] All user assets which are approved to VaderPoolV2 may be stolen

Miscellaneous Vulnerability 3: Not using percise token approvals and using maximum approvals

n smart contract development and interaction, it is a well-recognized best practice to grant approvals for only the precise amount of tokens necessary for a specific transaction or operation. This principle holds true regardless of the specific function or method being invoked.

The rationale behind this is multifaceted:

1. Security: Limiting the approved amount can reduce potential losses if there's a security breach. If a contract is given unrestricted access to a user's token balance, any bugs, flaws, or successful attacks on that contract could result in a significant or even total loss of those tokens.

2. Mitigation of vulnerabilities: Exact approvals help prevent exploits associated with "unlimited approval" vulnerabilities. This scenario can occur when a user, perhaps out of convenience, approves a smart contract to spend an extremely large amount of tokens. If the approved contract becomes compromised, an attacker could siphon off the entire balance of the approved tokens.

3. Good practice: Lastly, providing precise approvals embodies the principle of least privilege (PoLP) in security, which recommends that a user, program, or system process should have only the bare minimum privileges necessary to perform its function.

In conclusion, it is crucial to limit token approvals to the exact amounts needed for specific operations. This reduces the risk associated with potential attacks, mitigates known vulnerabilities, and fosters safer interactions within the blockchain ecosystem.

[M-06] Pool: approveAndCall sets unnecessary approval