Inexplicable Usage of Approve & Transfer

## SME-04M: Inexplicable Usage of Approve & Transfer

| Type | Severity | Location |
| ---- | -------- | -------- |
| [Logical Fault](/appendix/finding-types#logical-fault) | <img class="o-severity o-minor" src="https://omniscia.io/report-assets/minor.png" /> | [SafetyModuleERC20.sol:L178](https://github.com/Rand-Network/tokenomics/blob/63a9f809d5b70232dfcaf625197421c11fc0ec3a/contracts/SafetyModuleERC20.sol#L178), [L214](https://github.com/Rand-Network/tokenomics/blob/63a9f809d5b70232dfcaf625197421c11fc0ec3a/contracts/SafetyModuleERC20.sol#L214) |

### Description:

The linked statements invoke a special function called `approveAndTransfer` that transfers the specified amount to the intended recipient and additionally increase their allowance. Both invocations have the contract itself as the target but the contract contains no logic that utilizes the set allowance via a `transferFrom` / `safeTransferFrom` instruction.

### Example:

```solidity
IRandToken(REGISTRY.getAddress("RND")).approveAndTransfer(
    _vc,
    address(this),
    amount
);
```

### Recommendation:

We advise this trait of the system to be revised and the function as defined in `RandToken` to be revised as its allowance component currently serves no purpose.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Inexplicable Usage of Approve & Transfer #27

SME-04M: Inexplicable Usage of Approve & Transfer

Description:

Example:

Recommendation:

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Inexplicable Usage of Approve & Transfer #27

Description

SME-04M: Inexplicable Usage of Approve & Transfer

Description:

Example:

Recommendation:

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions