HardhatDeFi
15,000 USDC
Submission Details
Severity: medium
Invalid

Unchecked Aave Supply Failure Can Lead to Unbacked wToken Minting

Summary
The _handleTokenOperations function in the contract does not verify whether the collateral token supply to Aave was successful before minting wTokens. If the supply operation fails (paused Aave markets or unexpected contract behavior), the function still proceeds to mint wTokens, creating a scenario where wTokens exist without actual collateral backing them. This can be exploited for financial gain and can lead to system insolvency.

Vulnerability Details

https://github.com/Cyfrin/2025-01-diva/blob/1b6543768c341c2334cdff87b6dd627ee2f62c89/contracts/src/AaveDIVAWrapperCore.sol#L431

    IAave(_aaveV3Pool).supply(
        _collateralToken,
        _collateralAmount,
        address(this),
        0
    );
    // Mint wTokens associated with the supplied asset
    IWToken(_wToken).mint(address(this), _collateralAmount);

There is no check to confirm if supply() was successful before minting wTokens.

If the supply operation fails silently, wTokens can be minted without actual collateral backing them, leading to potential double-spending or system insolvency.

Impact

This poses a serious financial risk, as it allows attackers to mint unbacked wTokens by exploiting failed Aave supply operations.

Tools Used
Manual review

Recommendations
Verify Return Value

If IAave(_aaveV3Pool).supply() returns a success indicator, add a check:

bool success = IAave(_aaveV3Pool).supply(_collateralToken, _collateralAmount, address(this), 0);
require(success, "Aave supply failed");
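
A check that does not depend on a return value, shown as an added example (not code from the DIVA repository or from this submission): measure the wrapper's aToken balance before and after supply() and mint wTokens only if the balance rose by the supplied amount. The aToken parameter, the *Like interface names, the contract name and the one-wei rounding tolerance are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example; all names below are hypothetical, not the project's own.
interface IERC20Like {
    function balanceOf(address account) external view returns (uint256);
}

// Aave V3's IPool.supply declares no return value, so there is nothing to
// capture in a bool; the pool reverts when it rejects a supply.
interface IAavePoolLike {
    function supply(address asset, uint256 amount, address onBehalfOf, uint16 referralCode) external;
}

interface IWTokenLike {
    function mint(address recipient, uint256 amount) external;
}

abstract contract SupplyThenMint {
    error SupplyNotCredited(uint256 expected, uint256 credited);

    // Assumed tolerance: aToken balances are computed from a scaled balance
    // and a liquidity index, so the credited amount can differ by rounding.
    uint256 internal constant ROUNDING_TOLERANCE = 1;

    function _supplyAndMint(
        address pool,
        address aToken,          // aToken of collateralToken (assumed known to the caller)
        address collateralToken,
        address wToken,
        uint256 amount
    ) internal {
        uint256 balanceBefore = IERC20Like(aToken).balanceOf(address(this));

        IAavePoolLike(pool).supply(collateralToken, amount, address(this), 0);

        // Checked arithmetic: a balance that went down reverts here (fails closed).
        uint256 credited = IERC20Like(aToken).balanceOf(address(this)) - balanceBefore;
        if (credited + ROUNDING_TOLERANCE < amount) {
            revert SupplyNotCredited(amount, credited);
        }

        // Mint only after the collateral is confirmed to be held as aTokens.
        IWTokenLike(wToken).mint(address(this), amount);
    }
}
```
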
Updates

Lead Judging Commences

bube Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
