Liquidity Management
Gamma
DeFiFoundry
50,000 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

Unsafe token approval in ParaSwap's swap function

bladesec

Title

Unsafe token approval in ParaSwap's swap function

Summary

In the ParaSwapUtils.sol token swaps can fail due to improper handling of ERC20 token approvals.

Vulnerability Details

The swap function in ParaSwapUtils.sol handles token approvals not properly.

ParaSwapUtils.sol
14: function swap(address to, bytes memory callData) external {
15: _validateCallData(to, callData);
16: address approvalAddress = IAugustusSwapper(to).getTokenTransferProxy();
17: address fromToken;
18: uint256 fromAmount;
19: assembly {
20: fromToken := mload(add(callData, 68))
21: fromAmount := mload(add(callData, 100))
22: }
23: IERC20(fromToken).safeApprove(approvalAddress, fromAmount);
24: (bool success, ) = to.call(callData);
25: require(success, "paraswap call reverted");
26: }

The implementation sets new approval values without first resetting existing ones to zero. Certain tokens including USDT and BNB have strict requirements where they reject any approval changes when a non-zero value already exists. Once approvals become stuck in this state, there is no mechanism built into the system to fix or reset them.

Impact

Failed token approvals cause swap operations become permanently blocked for the affected token.

Tools Used

Manual Review

Recommendations

The approval process needs to first reset existing approvals to zero and implement a more robust approval pattern that ensures compatibility across all token types.

Updates

Lead Judging Commences

n0kto Lead Judge 8 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

invalid_safeApprove_no_reset

USDT or other unusual ERC20 tokens: out of scope. For the other reports: No proof that the allowance won't be consumed by the receiver.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.