Incompatible Approvals Halt Rewards for UNI, COMP and Others
Summary
The approveRewardTokens function in the contract attempts to approve unlimited allowances for tokens, potentially exceeding the maximum allowance supported by certain popular tokens like UNI and COMP. This could lead to approval failures hindering reward distribution for those tokens.
Vulnerability Details
The contract's approveRewardTokens function attempts to approve maximum allowances (type(uint256).max) for tokens.
Certain popular tokens, including UNI and COMP have restrictions and only support allowances up to type(uint96).max.
Impact
Exceeding this limit during approval results in failures preventing reward distribution for these tokens.
Tools Used
Manual Review
Recommendations
Adjust the function to set allowances to type(uint96).max. Once an allowance is consumed, incorporate logic to automatically re-approve up to type(uint96).max ensuring continued functionality.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.