The depositCollateral function in the smart contract fails with non-standard compliant tokens like USDT due to their void return type instead of a boolean.
The smart contract is designed to accept any asset which is well-recognized and has chainlink priceFeed as collateral for their stablecoin. But tokens like USDT does not follow standard EIP-20 format and does not return a boolean on trannferFrom function. Calling these functions with the correct EIP20 function signatures will always revert as it is done in the contract. Because of this, when you try to deposit USDT as collateral, the function reverts and users will not be able to deposit into the contract to mint stablecoin.
The impact is that certain non standard tokens like USDT, will not be able to interact with the smart contract as expected.
VS Code
Manual analysis
There is no need to check for a boolean return value in this case as the function will automatically revert on failure, including in cases where the token is non-standard compliant.
Consider using OpenZeppelin’s SafeERC20 versions with the safeTransfer and safeTransferFrom functions that handle the return value check as well as non-standard-compliant tokens.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.