NoBey/openzeppelin-contracts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Document risk of SafeERC20 and ERC-7674 (#5262)

Browse Source 
Signed-off-by: Hadrien Croubois <hadrien.croubois@gmail.com>
This commit is contained in:
cairo
2024-10-17 04:33:22 -07:00
committed by Hadrien Croubois
parent 81c7206393
commit 4ddb8d8fe6
2 changed files with 19 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
.changeset/yellow-tables-sell.md Normal file
View File

@ -0,0 +1,5 @@
---
'openzeppelin-solidity': minor
---
`SafeERC20`: Document risks of `safeIncreaseAllowance` and `safeDecreaseAllowance` when associated with ERC-7674.

14
contracts/token/ERC20/utils/SafeERC20.sol
View File

@ -46,6 +46,11 @@ library SafeERC20 {
/** /**
* @dev Increase the calling contract's allowance toward `spender` by `value`. If `token` returns no value, * @dev Increase the calling contract's allowance toward `spender` by `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful. * non-reverting calls are assumed to be successful.
*
* IMPORTANT: If the token implements ERC-7674 (ERC-20 with temporary allowance), and if the "client"
* smart contract uses ERC-7674 to set temporary allowances, then the "client" smart contract should avoid using
* this function. Performing a {safeIncreaseAllowance} or {safeDecreaseAllowance} operation on a token contract
* that has a non-zero temporary allowance (for that particular owner-spender) will result in unexpected behavior.
*/ */
function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal { function safeIncreaseAllowance(IERC20 token, address spender, uint256 value) internal {
uint256 oldAllowance = token.allowance(address(this), spender); uint256 oldAllowance = token.allowance(address(this), spender);
@ -55,6 +60,11 @@ library SafeERC20 {
/** /**
* @dev Decrease the calling contract's allowance toward `spender` by `requestedDecrease`. If `token` returns no * @dev Decrease the calling contract's allowance toward `spender` by `requestedDecrease`. If `token` returns no
* value, non-reverting calls are assumed to be successful. * value, non-reverting calls are assumed to be successful.
*
* IMPORTANT: If the token implements ERC-7674 (ERC-20 with temporary allowance), and if the "client"
* smart contract uses ERC-7674 to set temporary allowances, then the "client" smart contract should avoid using
* this function. Performing a {safeIncreaseAllowance} or {safeDecreaseAllowance} operation on a token contract
* that has a non-zero temporary allowance (for that particular owner-spender) will result in unexpected behavior.
*/ */
function safeDecreaseAllowance(IERC20 token, address spender, uint256 requestedDecrease) internal { function safeDecreaseAllowance(IERC20 token, address spender, uint256 requestedDecrease) internal {
unchecked { unchecked {
@ -70,6 +80,10 @@ library SafeERC20 {
* @dev Set the calling contract's allowance toward `spender` to `value`. If `token` returns no value, * @dev Set the calling contract's allowance toward `spender` to `value`. If `token` returns no value,
* non-reverting calls are assumed to be successful. Meant to be used with tokens that require the approval * non-reverting calls are assumed to be successful. Meant to be used with tokens that require the approval
* to be set to zero before setting it to a non-zero value, such as USDT. * to be set to zero before setting it to a non-zero value, such as USDT.
*
* NOTE: If the token implements ERC-7674, this function will not modify any temporary allowance. This function
* only sets the "standard" allowance. Any temporary allowance will remain active, in addition to the value being
* set here.
*/ */
function forceApprove(IERC20 token, address spender, uint256 value) internal { function forceApprove(IERC20 token, address spender, uint256 value) internal {
bytes memory approvalCall = abi.encodeCall(token.approve, (spender, value)); bytes memory approvalCall = abi.encodeCall(token.approve, (spender, value));