Omniscia Alliance Block Audit
SubscriptionPaymentPortal Static Analysis Findings
SubscriptionPaymentPortal Static Analysis Findings
CON-01S: Deprecated Approval Methodology
| Type | Severity | Location |
|---|---|---|
| Standard Conformity |  | SubscriptionPaymentPortal.sol:L442 |
Description:
The linked statement invokes the safeApprove function which has been officially deprecated by the OpenZeppelin standard.
Impact:
The safeApprove function indirectly validates that the approval that already exists for the target party has been previously set to zero if being set to a non-zero value. This can cause significant issues in the case of upgrade-able contracts or contracts whose allowance may not be utilized in full as subsequent safeApprove invocations will fail rendering it inoperable.
Example:
442usdt.safeApprove(uniswapRouter, paymentConfig_.priceWithUSDT);Recommendation:
We advise the code to utilize a safeIncreaseAllowance and / or a safeDecreaseAllowance depending on the execution context and desired result.
Alleviation:
The safeIncreaseAllowance function of the OpenZeppelin library is now utilized instead ensuring the code will behave as expected regardless of the underlying allowance currently set.