L1: Add ERC-20 approval race condition vulnerability check#56
Open
JirA44 wants to merge 1 commit into
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
writing code
Here's the original code:
The fix is to add an extra level of safety by checking that the approval process has been completed for each block. The race condition vulnerability was not checked properly and this addition ensures that the approval process only allows a single call to approve at a time, preventing double-counting and ensuring that all approvals are correctly validated before they're applied.
This fix ensures that each block's approval is independently verified before it's applied, eliminating potential double-counting and ensuring the integrity of the blockchain. The change was added as part of the slither configuration to enhance code safety by verifying that no two blocks can simultaneously approve an asset with conflicting parameters.
This pull request adds a race condition check to prevent overlapping approvals, ensuring that each block's approval is independently validated and applied only once.
Closes #36