The AaveDIVAWrapper.sol contract contains multiple batch processing functions designed to enhance user experience by allowing multiple actions in a single transaction (e.g., creating pools, removing liquidity).
However, these functions do not validate input arrays, meaning users can submit empty arrays that trigger unnecessary execution, wasting gas and returning empty results. While not an exploitable vulnerability, this behavior is unintended and inefficient.
Functions whose names start with batch (e.g., batchCreateContingentPool, batchRemoveLiquidity) do not check for empty input arrays. If an empty array is provided:
• The function still executes, incurring gas costs.
• An empty array is returned, which is not aligned with the intended system design.
Affected Functions
All batch functions, starting from the first instance in AaveDIVAWrapper.sol#L100.
Possible Misuse - If the contract relies on batch execution for efficiency, processing empty batches contradicts the design purpose.
An empty array is returned, which may not be expected by front-end applications or other smart contracts.
Gas Waste - Users pay gas fees for a transaction that performs no meaningful operations.
Manual Review
Consider adding a check that the input array is not empty.
The batchCreateContingentPool function is used as an example here, but the same applies to all batch functions:
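One way to write such a check, as an added example that is not the AaveDIVAWrapper source or the reporter's own snippet. The PoolParams fields, the EmptyBatch error, the nonEmpty modifier and the _createContingentPool body are simplified, hypothetical stand-ins.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not the AaveDIVAWrapper source. PoolParams, EmptyBatch,
// nonEmpty and _createContingentPool are simplified, hypothetical stand-ins.
contract BatchGuardExample {
    struct PoolParams {
        address collateralToken;
        uint256 collateralAmount;
    }

    // Custom error: gives front ends and calling contracts an explicit,
    // decodable failure instead of a silent empty result.
    error EmptyBatch();

    uint256 private _nonce;

    // Shared guard so every batch* entry point rejects a zero-length array
    // before the return array is allocated or the loop is entered.
    modifier nonEmpty(uint256 length) {
        if (length == 0) revert EmptyBatch();
        _;
    }

    function batchCreateContingentPool(PoolParams[] calldata _poolParams)
        external
        nonEmpty(_poolParams.length)
        returns (bytes32[] memory poolIds)
    {
        uint256 length = _poolParams.length;
        poolIds = new bytes32[](length);
        for (uint256 i = 0; i < length; ++i) {
            poolIds[i] = _createContingentPool(_poolParams[i]);
        }
    }

    // Placeholder for the single-item logic; it only derives a dummy id.
    function _createContingentPool(PoolParams calldata p) private returns (bytes32) {
        return keccak256(abi.encode(p.collateralToken, p.collateralAmount, _nonce++));
    }
}
```

Applying the same modifier to each batch function keeps the check in one place, so a batch entry point added later cannot omit it without that being visible in review.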