Skip to content

Latest commit

 

History

History
56 lines (39 loc) · 4.73 KB

non-standard-tokens.md

File metadata and controls

56 lines (39 loc) · 4.73 KB

Known non-standard ERC20 tokens

The following tokens are known to be non-standard ERC20 tokens. They may have additional risks that must be covered.

Missing Revert

These tokens do not revert when a transfer fails, e.g. due to missing funds. Protocols that integrate these tokens must include a check for the transfer function's returned boolean success status and handle the failure case appropriately.

Token Notes
Basic Attention Token (BAT)
Huobi Token (HT)
Compound USD Coin (cUSDC)
0x Protocol Token (ZRX)

Transfer Hooks

These tokens include ERC777-like transfer hooks. Protocols that interact with tokens that include transfer hooks must be extra careful to protect against reentrant calls when dealing with these tokens, because control is handed back to the caller upon transfer. This can also affect cross-protocol reentrant calls to view functions.

Token Notes
Amp (AMP)
The Tokenized Bitcoin (imBTC)

Missing Return Data / Transfer Success Status

These tokens do not return any data from the external call when transferring tokens. Protocols using an interface that specifies a return value when transferring tokens will revert. Solidity includes automatic checks on the return data size when decoding return values of an expected size.

Token Notes
Binance Coin (BNB) Only missing return data on transfer. transferFrom returns true.
OMGToken (OMG)
Tether USD (USDT)

Permit No-op

Does not revert when calling permit. Protocols that use EIP-2612 permits should check that the token allowance has increased or is sufficient. See Multichain's incident.

Token Notes
Wrapped Ether (WETH) Includes a non-reverting fallback function.

Additional Non-standard Behavior

Additional non-standard token behavior that could be problematic includes:

  • fee on transfers
  • upgradeable contracts (USDC)
  • tokens with multiple address entry-points to the same accounting state
  • non-standard decimals (USDC: 6)
  • non-standard permits (DAI)
  • do not reduce allowance when it is the maximum value
  • do not require allowance for transfers from self
  • revert for approval of large amounts >= 2^96 < 2^256 - 1 (UNI, COMP)

Refer to d-xo/weird-erc20 for additional non-standard ERC20 tokens.