Submission Details
Severity:
Imcompatiable with non-standard tokens like USDT
Summary
The token for deposit or collateral may not be standard ERC20 token, which may cause revert for the current contract.
Vulnerability Details
When handling token trnasfer, the contract DSCEngine always consider the target token is standard ERC20, which will return a boolean value.
However, this does not work if the token does not return a return value, like USDT.
Impact
DoS with some operation(linked addresses)
Tools Used
Manual
Recommendations
Recommend using OpenZeppelin’s SafeERC20 methods.
Prize pool breakdown
Total prize
15,000 USDC
nSLOC
23664 USDC / LOC
14,000 USDC
1,000 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.