Skip to content

Method Approve is vulnerable #9

New issue
New issue
Closed
Closed
Method Approve is vulnerable#9
@pauliax

Description

@pauliax
pauliax
opened on Sep 30, 2017

Approve method is vulnerable to the issue described here: https://docs.google.com/document/d/1YLPtQxZu1UAvO9cZ1O2RPXBbT0mooh4DYKjA_jp-RLM/edit#heading=h.m9fhqynw2xvt
please consider adding this check at the beginning of the method:
// To change the approve amount you first have to reduce the addresses// allowance to zero by callingapprove(_spender, 0)` if it is not
// already 0 to mitigate the race condition described here:
// ethereum/EIPs#20 (comment)

require((_value == 0) || (allowed[msg.sender][_spender] == 0));

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions