HardhatDeFi
15,000 USDC
Submission Details
Severity: medium
Invalid

Gas limitation with large batches will cause DoS for user.

Summary

Vulnerability Details

The batchRedeemPositionToken and batchRedeemWToken functions process an unbounded array of redemption arguments in a loop. Each iteration of the loop consumes gas, and if the input array (_redeemPositionTokenArgs or _redeemWTokenArgs) is too large, the cumulative gas cost of the loop may exceed the Ethereum block gas limit. This will cause the entire transaction to revert, rendering large batches unusable. The code currently lacks checks to restrict the maximum allowed batch size.

Impact

Transactions with large batches will fail due to out-of-gas errors, leading to a degraded user experience and potential loss of functionality. Users may be unable to redeem tokens in batches as intended, forcing them to submit smaller transactions manually, which is inefficient and costly.
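
A caller-side way to avoid the oversized-batch revert described above is to split the argument list into batches that each fit a gas budget. This is an added example, not code from the audited project or from this submission; `planBatches`, `largestFit`, the gas model and the sample arguments are hypothetical and constructed for illustration.

```javascript
// Added example: plan redemption batches that each stay under a gas budget.
// Assumption: estimateGas(batch) is monotonic (adding items never lowers cost).

function largestFit(items, start, estimateGas, gasCap) {
  // Binary search for the largest n where items[start, start + n) fits the cap.
  let lo = 0;
  let hi = items.length - start;
  while (lo < hi) {
    const mid = Math.ceil((lo + hi) / 2);
    if (estimateGas(items.slice(start, start + mid)) <= gasCap) lo = mid;
    else hi = mid - 1;
  }
  return lo;
}

function planBatches(items, estimateGas, gasCap) {
  const batches = [];
  let start = 0;
  while (start < items.length) {
    const n = largestFit(items, start, estimateGas, gasCap);
    if (n === 0) {
      // A single redemption that cannot fit would loop forever; fail loudly.
      throw new Error(`item ${start} alone exceeds gas cap ${gasCap}`);
    }
    batches.push(items.slice(start, start + n));
    start += n;
  }
  return batches;
}

// Constructed gas model (not measured from the audited contract):
// fixed call overhead plus a per-item cost carried on each argument.
const BASE_GAS = 50_000;
const modelGas = (batch) => batch.reduce((sum, a) => sum + a.gas, BASE_GAS);

// Constructed sample input: 250 redemptions, every 10th one costs more.
const sampleArgs = Array.from({ length: 250 }, (_, i) => ({
  id: i,
  gas: i % 10 === 0 ? 180_000 : 90_000,
}));

// Constructed budget, chosen to sit below the chain's block gas limit.
const GAS_CAP = 10_000_000;
const plan = planBatches(sampleArgs, modelGas, GAS_CAP);
console.log(plan.map((b) => `${b.length} items, ${modelGas(b)} gas`));
```

Against a deployed contract the estimator would come from the node's gas estimation, which is asynchronous, so the search loop would need to await it.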

Tools Used

Manual code review

Recommendations

  • uint256 public constant MAX_BATCH_SIZE = 100;

function batchRedeemWToken(
RedeemWTokenArgs[] calldata _redeemWTokenArgs
) external override nonReentrant returns (uint256[] memory) {
+ require(_redeemPositionTokenArgs.length <= MAX_BATCH_SIZE, "Batch too large");
}
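Review bot: In `batchRedeemWToken` the added `require` checks `_redeemPositionTokenArgs.length`, which is not a parameter of this function; the array passed in is `_redeemWTokenArgs`. The check should read `require(_redeemWTokenArgs.length <= MAX_BATCH_SIZE, "Batch too large");`.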
function batchRedeemPositionToken(
RedeemPositionTokenArgs[] calldata _redeemPositionTokenArgs
) external override nonReentrant returns (uint256[] memory) {
+ require(_redeemPositionTokenArgs.length <= MAX_BATCH_SIZE, "Batch too large");
}
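Review bot: `MAX_BATCH_SIZE = 100` is given no stated basis, and the check in `batchRedeemPositionToken` shares it with `batchRedeemWToken` even though the two loops need not cost the same per item. Document how the limit was derived (measured gas per redemption against the intended gas budget), or use a separate constant per function.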
Updates

Lead Judging Commences

bube Lead Judge 9 months ago
Submission Judgement Published
Invalidated
Reason: Known issue
