Omniscia Alliance Block Audit

SubscriptionPaymentPortal Static Analysis Findings

SubscriptionPaymentPortal Static Analysis Findings

CON-01S: Deprecated Approval Methodology

Description:

The linked statement invokes the safeApprove function which has been officially deprecated by the OpenZeppelin standard.

Impact:

The safeApprove function indirectly validates that the approval that already exists for the target party has been previously set to zero if being set to a non-zero value. This can cause significant issues in the case of upgrade-able contracts or contracts whose allowance may not be utilized in full as subsequent safeApprove invocations will fail rendering it inoperable.

Example:

contracts/subscription/SubscriptionPaymentPortal.sol
442usdt.safeApprove(uniswapRouter, paymentConfig_.priceWithUSDT);

Recommendation:

We advise the code to utilize a safeIncreaseAllowance and / or a safeDecreaseAllowance depending on the execution context and desired result.

Alleviation:

The safeIncreaseAllowance function of the OpenZeppelin library is now utilized instead ensuring the code will behave as expected regardless of the underlying allowance currently set.