Omniscia Native Audit

TransferHelper Static Analysis Findings

THR-01S: Deprecated Approval Methodology

Type | Severity | Location
Standard Conformity | | TransferHelper.sol:L34

Description:

The linked statement invokes the safeApprove function which has been officially deprecated by the OpenZeppelin standard.

Impact:

The safeApprove function indirectly validates that, when an approval is being set to a non-zero value, the approval that already exists for the target party has previously been set to zero. This can cause significant issues for upgradeable contracts or contracts whose allowance may not be utilized in full, as subsequent safeApprove invocations will fail, rendering the contract inoperable.

Example:

contracts/libraries/TransferHelper.sol
34    IERC20(token).safeApprove(to, value);

Recommendation:

We advise the code to utilize safeIncreaseAllowance and/or safeDecreaseAllowance, depending on the execution context and desired result.

Alleviation:

The deprecated safeApprove approval methodology has been replaced by two new safeIncreaseAllowance and safeDecreaseAllowance functions that behave in a standard way.
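
The failure mode described under Impact and the replacement pattern from the Recommendation, as an added example that is not the audited project's code. It assumes OpenZeppelin Contracts 4.x (where safeApprove still exists); the library name AllowanceExample and both function names are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.9;

// Assumption: OpenZeppelin Contracts 4.x import paths.
import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";

// Hypothetical library for illustration; not the audited TransferHelper.
library AllowanceExample {
    using SafeERC20 for IERC20;

    // Before: mirrors the flagged statement.
    // Scenario: the caller approves 100 and the spender pulls only 60,
    // leaving an allowance of 40. The next call with value = 100 reverts
    // with "SafeERC20: approve from non-zero to non-zero allowance",
    // because safeApprove only permits zero -> non-zero or any -> zero.
    function approveDeprecated(address token, address to, uint256 value) internal {
        IERC20(token).safeApprove(to, value);
    }

    // After: move the allowance to `target` relative to its current value,
    // so a leftover (partially used) allowance cannot block the call.
    function setAllowance(address token, address to, uint256 target) internal {
        // In an internal library function, address(this) is the calling contract.
        uint256 current = IERC20(token).allowance(address(this), to);

        if (target > current) {
            // Raise by the difference; a non-zero starting allowance is fine.
            IERC20(token).safeIncreaseAllowance(to, target - current);
        } else if (target < current) {
            // Lower by the difference; never more than `current`, so the
            // "decreased allowance below zero" check cannot trigger.
            IERC20(token).safeDecreaseAllowance(to, current - target);
        }
        // target == current: nothing to do, no external call is made.
    }
}
```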