Skip to content

Latest commit

 

History

History
24 lines (16 loc) · 1.01 KB

069.md

File metadata and controls

24 lines (16 loc) · 1.01 KB

dacian

medium

Use safeTransfer/safeTransferFrom instead of transfer/transferFrom

Summary

Teller aims to support all ERC20 tokens, hence must use safeTransfer/safeTransferFrom instead of transfer/transferFrom when sending ERC20 tokens

Vulnerability Detail

Most places are using safeTransfer, but there are at least 2 in the files under the audit where ERC20 tokens are mistakenly sent using transfer/transferFrom instead of safeTransfer/safeTransferFrom

Impact

Non-standard ERC20 tokens may not work with Teller if using transfer/transferFrom

Code Snippet

CollateralManager L327 CollateralEscrowV1 L166

Tool used

Manual Review

Recommendation

Use safeTransfer/safeTransferFrom