Enhance permit failure handling in depositWithSignature function
The depositWithSignature function uses an empty catch block for permit failures, so a front-run permit followed by an under-allowance reverts later in the deposit, wasting gas and producing confusing user errors.
Description
The depositWithSignature function currently uses a try-catch block to handle potential permit failures, which is good for mitigating front-running attacks. However, the catch block is empty, which might lead to silent failures and unexpected behavior.
Impact
In cases where the permit fails and the user doesn't have sufficient allowance, the transaction might fail at a later stage (during the actual deposit), wasting gas and causing confusion.
Recommendation
Implement an allowance check in the catch block. This ensures that if the permit fails (possibly due to front-running), the function can still proceed if the user has sufficient allowance. If not, it will revert with a clear error message.
tryasset.permit({owner: msg.sender,spender: address(this),value: _amount,deadline: _deadline,v: _v,r: _r,s: _s}){ } catch {// Permit failed (possibly due to front-running), check allowanceuint256 allowance = IERC20(asset).allowance(msg.sender, address(this));if (allowance < _assets) {revert InsufficientAllowance(_assets, allowance);}// If allowance is sufficient, continue with deposit despite permit failure}
This modification maintains protection against front-running attacks while also ensuring that transactions can proceed if sufficient allowance exists, improving user experience and providing clearer error messages when both permit and allowance are insufficient.
