QA Report #130
Labels
bug
Something isn't working
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
Comments
code423n4
added
bug
|
low: safeApprove, unsafe approve |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
LOW
L-01: Outdated compiler version (pragma solidity 0.6.12)
Older compilers might be susceptible to some bugs.
I recommend changing the solidity version pragma to the latest version to enforce the use of an up-to-date compiler.
A list of known compiler bugs and their severity can be found here: https://etherscan.io/solcbuginfo
L-02: Unsafe
approveYieldManager.sol#L221
The ERC20.approve() function returns a boolean value indicating success.
This parameter needs to be checked for success.
I recommend using OpenZeppelin’s
safeApprovefunction that handle the return value check as it was done it the other contracts.NON-CRITICAL
N-01:
safeApprovehas been deprecatedConvexCurveLPVault.sol#L158
LidoVault.sol#L102
Consider using
safeIncreaseAllowanceandsafeDecreaseAllowanceinstead.REFERENCE
The text was updated successfully, but these errors were encountered: