DoS Due To USDT Approval

Summary

As we can clearly see the protocol is meant to support USDT. However, the payDebt and extendLoan functions of the DebitaV3Loan contract does not seem to do so.

https://github.com/sherlock-audit/2024-11-debita-finance-v3/blob/main/Debita-V3-Contracts/contracts/DebitaV3Loan.sol#L186

https://github.com/sherlock-audit/2024-11-debita-finance-v3/blob/main/Debita-V3-Contracts/contracts/DebitaV3Loan.sol#L547

Root Cause

The USDT contract doesn't implement the IERC20 interface correctly. Namely, functions that are supposed to return a bool (like approve used in the beforementioned functions) don't. The functions payDebt and extendLoan will always revert when using USDT for that reason.

Internal pre-conditions

--

External pre-conditions

--

Attack Path

--

Impact

These functionalities will always revert causing a DoS.

PoC

--

Mitigation

Using safeApprove will fix this issue.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

067.md

067.md

DoS Due To USDT Approval

Summary

Root Cause

Internal pre-conditions

External pre-conditions

Attack Path

Impact

PoC

Mitigation

Files

067.md

Latest commit

History

067.md

File metadata and controls

DoS Due To USDT Approval

Summary

Root Cause

Internal pre-conditions

External pre-conditions

Attack Path

Impact

PoC

Mitigation