DSCEngine.sol assumes that all ERC20 tokens used as collateral will return a success bool.
DSCEngine.sol assumes that all ERC20 tokens used as collateral will return a success bool. This isn't true. Many popular ERC20 tokens like Tether return nothing on successful transfer and instead reverts on failure.
DSCEngine will fail to use popular tokens like Tether as collateral as the depositCollateral, _redeemCollateral methods will revert even though the transfer/transferFrom call on the collateral actually succeeded.
I recommend wrapping the collateral ERC20 token with SafeERC20(from OpenZeppelin) and using the safeTransfer/safeTransferFrom methods instead.
These will handle both cases of:
ERC20 tokens returning a boolean representing the success state
ERC20 tokens not returning a boolean and instead just reverting on failure state
SafeERC20 docs: https://docs.openzeppelin.com/contracts/4.x/api/token/erc20#SafeERC20
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.