Smart contracts that interact with ERC20 tokens often require setting allowances for other addresses to manage tokens on behalf of the token owner. A practice is to set a very high allowance (e.g., type(uint256).max) to avoid having to repeatedly approve smaller amounts. This is done in the SablierV2MerkleLT
and SablierV2MerkleLL
constructors for max approval the Sablier contract to spend funds from the MerkleLockup
contract.
However, certain ERC20 tokens, such as UNI
and COMP
, implement special logic in their approve function to handle large approval values differently. Specifically, they revert if the value passed to approve
or transfer
is larger than uint96
. This revert leads to the failure of the smart contracts deployment.
The constructors in the SablierV2MerkleLT
and SablierV2MerkleLL
set a very high allowance (type(uint256).max
) for approving the Sablier contract to spend funds from the MerkleLockup
contract. However some ERC20 tokens, such as UNI
and COMP
, implement special logic in their approve function to handle large approval values differently. Specifically, they revert if the value passed to approve
or transfer
is larger than uint96
.
For reference:
UNI smart contract here https://etherscan.io/token/0x1f9840a85d5af5bf1d1762f925bdaddc4201f984#code#L345
COMP smart contract here https://etherscan.io/token/0xc00e94cb662c3520282e6f5717214004a7f26888#code#L95
Attempts to deploy the contracts with token like UNI and COMP will lead to a failure. These tokens can't be used in the airstream (for example: airdrop).
Manual review
Set the approval with the proper value or manage this behaviour separately.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.