`CapitalPool::approve()` does not work with tokens that have max approval < uint256
Summary
CapitalPool::approve() does not work with tokens that have max approval < uint256
Vulnerability Details
As seen in the code above, the approval given is max uint256 while there are some tokens such as UNI and COMP that only have max approval uint96. This will cause the approve function to always revert and transfer cannot be done.
Impact
approve function will always revert those tokens
Tools Used
Manual Review
Recommended Mitigation
Make sure UNI and COMP tokens not included in token whitelist
Lead Judging Commences
[invalid] finding-CapitalPool-approve-uint256-max
Thanks for flagging, indeed since uint(-1) is representative of max uint256 value, when entering the `if` statement, it will be converted to uint96 max amout, so it will not revert as described. In issue #361, the mockToken utilized does not correctly reflect the below approval behavior. ```Solidity function approve(address spender, uint rawAmount) external returns (bool) { uint96 amount; if (rawAmount == uint(-1)) { amount = uint96(-1); } else { amount = safe96(rawAmount, "Comp::approve: amount exceeds 96 bits"); } ```
Appeal created
[invalid] finding-CapitalPool-approve-uint256-max
Thanks for flagging, indeed since uint(-1) is representative of max uint256 value, when entering the `if` statement, it will be converted to uint96 max amout, so it will not revert as described. In issue #361, the mockToken utilized does not correctly reflect the below approval behavior. ```Solidity function approve(address spender, uint rawAmount) external returns (bool) { uint96 amount; if (rawAmount == uint(-1)) { amount = uint96(-1); } else { amount = safe96(rawAmount, "Comp::approve: amount exceeds 96 bits"); } ```
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.