Omniscia Arcade XYZ Audit
AssetVault Static Analysis Findings
AssetVault Static Analysis Findings
AVT-01S: Deprecated Approval Methodology
| Type | Severity | Location |
|---|---|---|
| Standard Conformity | ![]() | AssetVault.sol:L299 |
Description:
The linked statement invokes the safeApprove function which has been officially deprecated by the OpenZeppelin standard.
Impact:
The safeApprove function indirectly validates that the approval that already exists for the target party has been previously set to zero if being set to a non-zero value. This can cause significant issues in the case of upgrade-able contracts or contracts whose allowance may not be utilized in full as subsequent safeApprove invocations will fail rendering it inoperable.
Example:
contracts/vault/AssetVault.sol
299IERC20(token).safeApprove(spender, amount);Recommendation:
We advise the code to utilize a safeIncreaseAllowance and / or a safeDecreaseAllowance depending on the execution context and desired result.
Alleviation (7a4e1dc948e94ded7385dbb74818bcf93ecc207c):
The Arcade XYZ team evaluated this exhibit and opted to retain the current behaviour of the codebase.
