MGF15/wemix.md

Created August 29, 2023 11:35

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/MGF15/1d146b7845d210eb8b87a1c332530aeb.js"></script>
Save MGF15/1d146b7845d210eb8b87a1c332530aeb to your computer and use it in GitHub Desktop.

Download ZIP

Raw

wemix.md

M | Approval Race Protections

Description :-

Some tokens (e.g. USDT, KNC) do not allow approving an amount M > 0 when an existing amount N > 0 is already approved. This is to protect from an ERC20 attack vector describe here

Proof Of Concept

File:wemix-lending-contract-main/contracts/lending/TeamMinter.sol

61:        IERC20(underlyingTokenAddress).approve(cErc20Address, mintAmount);

Context:-

TeamMinter.sol#L61