Check that create transferred the correct amount #1
Description
create doesn't verify that the correct amount of tokens were transferred. This can potentially lead to the creation of a malicious Bskt with a malicious underlying token.
Checking the delta of erc20.balanceOf(address(this)) mitigates this possibility.
However, this imposes extra logic, so it's worth considering the tradeoffs. An alternative solution is to publish a curated list of verified tokens.