BugBusters
medium
The code grants an unlimited token allowance to the Iron Bank contract, which can lead to potential security risks and unauthorized token transfers.
The code snippet grants an unlimited token allowance to the Iron Bank contract using the safeApprove function. However, providing an unlimited allowance can introduce potential security risks and vulnerabilities. By granting an unlimited approval, the Iron Bank contract gains the ability to transfer any amount of the token from the borrower's address, even beyond the intended loan amount. This can lead to unauthorized or unexpected token transfers, resulting in potential financial loss or exploitation.
Granting an unlimited token approval to the Iron Bank contract can have severe consequences, including:
Unauthorized token transfers: The Iron Bank contract can transfer tokens beyond the intended loan amount, potentially causing financial loss to the borrower.
There are many real life examples of approve related hacks, but one of the most recent is as follow
Recently @SushiSwap RouterProcessor2 has an approve-related bug, which leads to the loss of >$3.3M loss (about 1800 eth) https://twitter.com/WhaleCoinTalk/status/1644975075861602304 https://twitter.com/peckshield/status/1644907207530774530
https://github.com/sherlock-audit/2023-05-ironbank/blob/main/ib-v2/src/flashLoan/FlashLoan.sol#L108
Manual Review
Adjust the code to approve only the specific amount required for the flash loan, instead of granting an unlimited allowance.
if (allowance < amount) {
SafeERC20.safeApprove(IERC20(token), ironBank, amount);
}