The setRouter
function in StrategyArb
and StrategyOp
uses SafeERC20.safeApprove
to grant the router
an unlimited allowance for the underlying token. However, SafeERC20.safeApprove
reverts when an existing non-zero allowance is modified to another non-zero value without being reset to zero first. This behavior can cause the function to fail if the same router
is re-used or re-assigned after a previous approval. As a result, once the router
is changed, it becomes impossible to revert to a previously used router
.
The SafeERC20.safeApprove
function follows the best practice of resetting existing allowances to zero before setting a new non-zero allowance. If a previously used router is re-assigned, the approval process will revert due to this restriction. The safeApprove
will revert if existing allowance is non zero due to check-
If a previously approved router
needs to be reassigned, the transaction will revert due to checks in safeApprove
To address this issue, modify the setRouter
function to reset the approval of previous router to zero before granting a new allowance to new router.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.