DeFiHardhat
21,000 USDC
Submission Details
Severity: medium
Invalid

LibFertilizer::addUnderlying reverts if the token's approve method doesn't return a bool for tokens like USDT

Summary

Using IERC20::approve will not work with ERC20 tokens that do not return a bool.

Vulnerability Details

As per the Beanstalk docs, the protocol interacts with ERC20 tokens like USDT.

The addUnderlying function in the LibFertilizer contract uses the approve method to set allowances for the barnRaiseWell contract. If the token used does not return a boolean value, this function will fail.

This will cause a revert if the target ERC20 is a non-standard token with a different function signature for approve. Tokens like USDT will cause this function to revert, so they can't be used as the reward token, input token, or underlying asset (which is our case).

Solidity checks the length of the return data for calls made through an interface that declares a return value, so if the token implementation does not return a bool, the transaction will revert.

https://github.com/Cyfrin/2024-05-Beanstalk-3/blob/662d26f12ee219ee92dc485c06e01a4cb5ee8dfb/protocol/contracts/libraries/LibFertilizer.sol#L139-L154

address barnRaiseWell = LibBarnRaise.getBarnRaiseWell();
address barnRaiseToken = LibBarnRaise.getBarnRaiseToken();
C.bean().mint(
    address(this),
    newDepositedLPBeans
);
IERC20(barnRaiseToken).transferFrom(
    msg.sender,
    address(this),
    uint256(tokenAmountIn)
);
@> IERC20(barnRaiseToken).approve(barnRaiseWell, uint256(tokenAmountIn));
@> C.bean().approve(barnRaiseWell, newDepositedLPBeans);

Impact

Medium, because functionality won't work

When attempting to add underlying assets using tokens that do not return a boolean value on the approve call, the transaction will revert. This means that any function in the LibFertilizer contract that relies on approve will fail if it interacts with such tokens. Users will be unable to add liquidity or perform other operations involving these tokens, leading to potential disruptions in the functionality of the contract.

Tools Used

Manual review

Recommendations

Use forceApprove from OpenZeppelin's SafeERC20 library.
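The following is an added example, not Beanstalk code, that reproduces the revert described under Vulnerability Details and shows the forceApprove fix from the recommendation side by side. NoBoolToken is a constructed mock of a USDT-style token whose approve returns nothing; UnsafeApprover, SafeApprover and ApproveDemo are hypothetical contracts written for this illustration. It assumes OpenZeppelin Contracts 4.9 or later is installed at the usual import path (forceApprove was introduced in 4.9 and is present in 5.x).

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example; not Beanstalk code. Assumes OpenZeppelin Contracts >= 4.9
// so that SafeERC20.forceApprove is available.
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";

/// Constructed mock of a USDT-style token: approve has no return value,
/// so calls made through the IERC20 interface get zero bytes of return data.
contract NoBoolToken {
    mapping(address => mapping(address => uint256)) public allowance;

    function approve(address spender, uint256 amount) external {
        allowance[msg.sender][spender] = amount;
    }
}

/// Pattern from the report: the IERC20 interface declares `returns (bool)`,
/// so the compiler inserts a return-data length check after the call.
contract UnsafeApprover {
    function setAllowance(address token, address spender, uint256 amount) external {
        // Reverts for NoBoolToken: fewer than 32 bytes of return data to decode.
        IERC20(token).approve(spender, amount);
    }
}

/// Recommended pattern: forceApprove issues a low-level call and treats the
/// approval as successful when the call does not revert and the return data is
/// either empty or decodes to true. It also handles tokens that require the
/// allowance to be reset to zero before being changed.
contract SafeApprover {
    using SafeERC20 for IERC20;

    function setAllowance(address token, address spender, uint256 amount) external {
        IERC20(token).forceApprove(spender, amount);
    }
}

/// Harness that runs both paths against the mock and reports whether each
/// approval call succeeded; the allowance getter confirms the safe path took effect.
contract ApproveDemo {
    NoBoolToken public token = new NoBoolToken();
    UnsafeApprover public unsafeApprover = new UnsafeApprover();
    SafeApprover public safeApprover = new SafeApprover();

    // The decode failure reverts with empty data, which the catch-all clause handles.
    function unsafeSucceeds() external returns (bool) {
        try unsafeApprover.setAllowance(address(token), address(this), 1e6) {
            return true;
        } catch {
            return false;
        }
    }

    function safeSucceeds() external returns (bool) {
        try safeApprover.setAllowance(address(token), address(this), 1e6) {
            return true;
        } catch {
            return false;
        }
    }

    // Allowance granted by SafeApprover to this contract after safeSucceeds().
    function safeAllowance() external view returns (uint256) {
        return token.allowance(address(safeApprover), address(this));
    }
}
```

Deploying ApproveDemo and calling unsafeSucceeds() then safeSucceeds() shows the first path reverting on the mock while the second completes and leaves the allowance set, which is the behaviour the recommendation relies on for tokens like USDT.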

Updates

Lead Judging Commences

giovannidisiena Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Known issue
