HardhatDeFi
15,000 USDC
Submission Details
Severity: medium
Invalid

Symbol Handling Reverts Due to Incompatible Return Type

Summary

The protocol assumes all collateral tokens conform to IERC20Metadata, but since MKR.symbol() returns bytes32 instead of string, the contract call to symbol() in _registerCollateralToken will always revert, preventing MKR from being used as collateral.

Vulnerability Details

The protocol states in the README that supported collateral tokens are:

Any ERC20 token supported by Aave V3, but mainly stablecoins like USDC, USDT are expected to be used for DIVA Donate.

MKR is supported by Aave.

When MKR.symbol() is called, bytes32 is returned, not string: https://etherscan.io/token/0x9f8f72aa9304c8b593d555f12ef6589cc3a579a2#readContract#F7

In AaveDIVAWrapperCore::_registerCollateralToken, the collateral token is wrapped in IERC20Metadata and then symbol() is called when creating a new wToken, but this call will always revert because MKR.symbol() returns bytes32 and the interface expects a string.

interface IERC20Metadata is IERC20 {
    ...
    function symbol() external view returns (string memory);
    ...
}

function _registerCollateralToken(address _collateralToken) internal returns (address) {
    ...
@>  IERC20Metadata _collateralTokenContract = IERC20Metadata(_collateralToken);
    WToken _wTokenContract = new WToken(
@>      string(abi.encodePacked("w", _collateralTokenContract.symbol())),
        _collateralTokenContract.decimals(),
        address(this) // wToken owner
    );
    ...
}

Impact

Protocol incompatible with tokens like MKR.

Tools Used

Manual review

Recommendations

Add logic to handle bytes32 return values when calling symbol() if you want to support all Aave tokens.
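
One way to implement the kind of handling the recommendation describes, as an added example that is not code from the submission or from the DIVA project. The library name SymbolReader and the function safeSymbol are hypothetical; the helper reads symbol() with a low-level staticcall and decodes by return-data length, so a bytes32 return does not trigger the ABI decoder revert described above.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added example: hypothetical helper, not part of AaveDIVAWrapper.
library SymbolReader {
    /// Returns the token symbol whether symbol() yields `string` or `bytes32`.
    /// Returns "" instead of reverting when the call fails or the shape is unknown.
    function safeSymbol(address token) internal view returns (string memory) {
        // Low-level staticcall: the compiler-generated ABI decoder is not run
        // on the return data, so a 32-byte bytes32 return cannot revert here.
        (bool ok, bytes memory data) =
            token.staticcall(abi.encodeWithSignature("symbol()"));
        if (!ok) return "";

        // bytes32-style return: exactly one word, right-padded with zero bytes.
        if (data.length == 32) {
            bytes32 raw = abi.decode(data, (bytes32));
            uint256 len = 0;
            while (len < 32 && raw[len] != bytes1(0)) len++;
            bytes memory out = new bytes(len);
            for (uint256 i = 0; i < len; i++) out[i] = raw[i];
            return string(out);
        }

        // string-style return: offset word + length word (+ data), so >= 64 bytes.
        // Note: abi.decode can still revert if this data is malformed.
        if (data.length >= 64) {
            return abi.decode(data, (string));
        }

        return "";
    }
}
```

With such a helper, the marked line in _registerCollateralToken would pass SymbolReader.safeSymbol(_collateralToken) to abi.encodePacked instead of calling _collateralTokenContract.symbol() through the IERC20Metadata interface.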

Updates

Lead Judging Commences

bube Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement

Appeal created

wellbyt3 Submitter
10 months ago
bube Lead Judge
10 months ago
bube Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Known issue
