My contract wants to increase a user’s allowance by +5. I simply call safeIncreaseAllowance(user, 5) as recommended by the SafeERC20 contract.
An auditor suggested the following:
safeIncreaseAllowance(user, 0); safeIncreaseAllowance(user, 5);
This does not make sense to me, as the first call does nothing. I think he’s copying the pattern for approve.
Question: Is my call above safe with respect to the known vulnerability to approve?
Discussion:
I read about the vulnerability in approve. It looks to me like most people are still doing this wrong. AFAIK, the “vulnerability” is only when you send 2 separate approve transactions and the attacker front runs the calls to grab more tokens than intended.
For example, yearn’s contracts do the following:
IERC20(want).safeApprove(ypool, 0);
IERC20(want).safeApprove(ypool, _want);
How is this safer? The pair of calls is equivalent to calling approve(ypool, _want). But the pair of calls is used to undermine the safety checks in safeApprove.
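A small model of the transaction orderings raised in the question, added here as an illustration; it is not code from the post, yearn or OpenZeppelin. The Token class, the scenario functions and the starting allowance of 10 are constructed; safe_approve models the zero-or-zero guard in SafeERC20.safeApprove, and the zero-then-set pair is assumed to execute inside one transaction.

```python
# Constructed in-memory model of ERC-20 allowance bookkeeping; not OpenZeppelin code.
class Token:
    def __init__(self, owner_balance):
        self.balance = owner_balance   # owner's token balance
        self.allowance = 0             # owner -> spender allowance
        self.taken = 0                 # total pulled by the spender so far

    def approve(self, value):
        self.allowance = value         # ERC-20 approve overwrites the old value

    def safe_approve(self, value):
        # Guard modelled on SafeERC20.safeApprove: only 0 -> x or x -> 0.
        if value != 0 and self.allowance != 0:
            raise ValueError("approve from non-zero to non-zero allowance")
        self.approve(value)

    def safe_increase_allowance(self, delta):
        # The read and the write happen inside one transaction.
        self.approve(self.allowance + delta)

    def spend_all(self):
        # Spender pulls everything currently allowed (transferFrom).
        amount = min(self.allowance, self.balance)
        self.allowance -= amount
        self.balance -= amount
        self.taken += amount


def total_taken(owner_tx, spender_first):
    """Allowance starts at 10; the owner intends 15 in total for the spender."""
    t = Token(owner_balance=100)
    t.approve(10)
    if spender_first:
        t.spend_all()      # spender's transaction is ordered before the owner's
    owner_tx(t)
    t.spend_all()
    return t.taken


def overwrite(t):          # absolute value: approve(15)
    t.approve(15)

def zero_then_set(t):      # both calls in the same transaction
    t.safe_approve(0)
    t.safe_approve(15)

def increase(t):           # relative change of +5
    t.safe_increase_allowance(0)   # leaves the allowance unchanged
    t.safe_increase_allowance(5)
```

In this model, when the spender's transaction is ordered first, the overwrite and the same-transaction zero-then-set pair both let 25 tokens move against an intended 15, while the relative increase stays at 15.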