Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
[SoHoAudit] Race Condition via “ERC20 API Attack” on ERC20Token.sol #850
A known race condition exists within the present implementation of the ERC20 standard. Due to the nature of this vulnerability being an inherent flaw in the ERC20 standard, considerations must be made for any divergence (as modifications made while no longer be ERC20 compliant).
The scenario for exploitation is as follows:
The particular exploit requires the usage of both the
A potential fix includes preventing a call to
At this point, this is more or less a consideration of whether or not the team determines this to be an acceptable risk.