15,000 USDC
View results
Submission Details
Severity: medium
Valid

Imcompatiable with non-standard tokens like USDT

Summary

The token for deposit or collateral may not be standard ERC20 token, which may cause revert for the current contract.

Vulnerability Details

When handling token trnasfer, the contract DSCEngine always consider the target token is standard ERC20, which will return a boolean value.

However, this does not work if the token does not return a return value, like USDT.

Impact

DoS with some operation(linked addresses)

Tools Used

Manual

Recommendations

Recommend using OpenZeppelin’s SafeERC20 methods.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.