Closed
Description
Approve method is vulnerable to the issue described here: https://docs.google.com/document/d/1YLPtQxZu1UAvO9cZ1O2RPXBbT0mooh4DYKjA_jp-RLM/edit#heading=h.m9fhqynw2xvt
please consider adding this check at the beginning of the method:
// To change the approve amount you first have to reduce the addresses// allowance to zero by callingapprove(_spender, 0)` if it is not
// already 0 to mitigate the race condition described here:
// ethereum/EIPs#20 (comment) …
require((_value == 0) || (allowed[msg.sender][_spender] == 0));
Metadata
Metadata
Assignees
Labels
No labels