feat(SatoshiPeriphery): add swapInWithOkx function for ERC20 to DebtToken#13
feat(SatoshiPeriphery): add swapInWithOkx function for ERC20 to DebtToken#13
Conversation
…iPeriphery interface for OKX swap functionality
…alldata and update OKX API endpoint
|
|
||
| uint256 stableBalanceBefore = IERC20(stableAsset).balanceOf(address(this)); | ||
|
|
||
| (bool success,) = okxRouter.call(okxCalldata); |
There was a problem hiding this comment.
This would allow arbitrary function execution on an arbitrary contract, e.g. wbtc.transferFrom, a malicious attacker could steal other users tokens if they have approved the periphery contract.
I suggest the contract stores the okxRouter address in storage instead of of passing it as a parameter.
| uint256 fromTokenBefore = IERC20(fromToken).balanceOf(address(this)); | ||
|
|
||
| // Must approve the token approve proxy, NOT the router — OKX uses a separate spender contract | ||
| IERC20(fromToken).approve(okxApproveAddress, fromAmount); |
There was a problem hiding this comment.
I suggest using forceApprove from SafeERC20 to work with non-standard ERC20 tokens like USDT.
| IERC20(fromToken).approve(okxApproveAddress, fromAmount); | ||
| IERC20(fromToken).approve(okxRouter, fromAmount); | ||
| IERC20(fromToken).forceApprove(_okxApprove, fromAmount); | ||
| IERC20(fromToken).forceApprove(_okxRouter, fromAmount); |
There was a problem hiding this comment.
Not a security issue, it's just that there is no need to approve the router.
StillFantastic
left a comment
StillFantastic
left a comment
There was a problem hiding this comment.
Looks good with just a small nitpick.
|
Hi @StillFantastic, This commit adds native token (ETH/BNB/S/…) support for the OKX DEX → DebtToken swap-in flow. Previously, swapInWithOkx only supported ERC20 tokens as input. Users who wanted to swap native gas tokens (e.g. ETH on Arbitrum, BNB on BSC, S on Sonic) into DebtToken had to manually wrap them first. This PR introduces a new swapInWithOkxNative function that accepts native tokens directly via msg.value, removing that friction. |
StillFantastic
left a comment
StillFantastic
left a comment
There was a problem hiding this comment.
No issues identified.
3 participants
feat(SatoshiPeriphery): add swapInWithOkx function for ERC20 to DebtToken