The approveRewardTokens
function in SDLPoolCCIPControllerPrimary
is currently utilizing the deprecated safeApprove
function from OpenZeppelin. This deprecated function can lead to unintended reverts and potential issues with fund locking.
The usage of the deprecated safeApprove
function is flagged as a concern due to the possibility of unintended reverts. The OpenZeppelin ERC20 safeApprove()
function has been deprecated, and it's advised to replace it with safer alternatives like safeIncreaseAllowance
or safeDecreaseAllowance
.
The impact of using the deprecated safeApprove
function includes the risk of unintended reverts, potentially leading to the locking of funds. This can affect the functionality and reliability of the approveRewardTokens
function.
Manual code review, and OpenZeppelin issue #2219 ( https://github.com/OpenZeppelin/openzeppelin-contracts/issues/2219 ).
It is recommended to replace the deprecated safeApprove
function with safer alternatives, such as safeIncreaseAllowance
or safeDecreaseAllowance
, as suggested in the OpenZeppelin comments. This update ensures compatibility with modern best practices and avoids potential issues related to deprecated functionality.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.