Omniscia Pirex Audit
PirexCvx Static Analysis Findings
PCV-01S: Improper Invocation of EIP-20 Approve Function
Type | Severity | Location |
---|---|---|
Standard Conformity | | PirexCvx.sol:L281, L284 |
Description:
The linked statement does not properly validate the returned bool of the EIP-20 standard approve function. As the standard dictates, callers must not assume that false is never returned.
Example:
contracts/PirexCvx.sol
```solidity
if (address(unionPirex) != address(0)) {           // L280
    pxCvx.approve(address(unionPirex), 0);         // L281: returned bool is discarded
}                                                  // L282
unionPirex = UnionPirexVault(contractAddress);     // L283
```
Recommendation:
Since not all standardized tokens are EIP-20 compliant (such as Tether / USDT), we advise the already imported SafeTransferLib safe wrapper library to be utilized instead to opportunistically validate the returned bool only if it exists.
Alleviation:
The code was updated to utilize the safeApprove implementation of the solmate library, thus ensuring that it properly evaluates the yielded bool for errors.
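What "validate the returned bool only if it exists" means in practice is sketched below. This is an added example, not code from PirexCvx or from solmate; the names OptionalReturnApprove, ApproveFailed, IERC20Approve and VaultSetterExample are hypothetical, and pxCvx / unionPirex are simplified to plain addresses.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;

// Added illustration: not PirexCvx code and not solmate's implementation.
interface IERC20Approve {
    function approve(address spender, uint256 amount) external returns (bool);
}

library OptionalReturnApprove { // hypothetical name
    error ApproveFailed();

    function safeApprove(address token, address spender, uint256 amount) internal {
        // A call to an address without code succeeds with empty return data,
        // so reject that case explicitly.
        if (token.code.length == 0) revert ApproveFailed();

        // Low-level call: a token that returns nothing (USDT-style) would make
        // a typed interface call revert while decoding the missing bool.
        (bool ok, bytes memory ret) = token.call(
            abi.encodeWithSelector(IERC20Approve.approve.selector, spender, amount)
        );
        if (!ok) revert ApproveFailed(); // the token itself reverted

        // Validate the bool only if one was returned.
        if (ret.length != 0) {
            if (ret.length < 32 || !abi.decode(ret, (bool))) revert ApproveFailed();
        }
    }
}

contract VaultSetterExample { // hypothetical; access control omitted for brevity
    using OptionalReturnApprove for address;

    address public pxCvx;      // token, named as in the audited snippet
    address public unionPirex; // current spender

    constructor(address token) { pxCvx = token; }

    function setUnionPirex(address contractAddress) external {
        if (unionPirex != address(0)) {
            // Audited form dropped the result of approve(), so a `false`
            // return went unnoticed. Here a `false` return reverts.
            pxCvx.safeApprove(unionPirex, 0);
        }
        unionPirex = contractAddress;
    }
}
```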