The AaveDIVAWrapperCore::_registerCollateralToken function is responsible for registering a collateral token, retrieving its associated aToken from Aave V3 and deploying a wrapped token (wToken) for use within the DIVA Protocol. During this process, it sets unlimited approvals for the wToken and the collateral token to streamline token transfers.
The function calls _collateralTokenContract.approve(_aaveV3Pool, type(uint256).max); to grant Aave V3 an unlimited allowance over the collateral token. This breaks for USDT (Tether) on Ethereum mainnet, whose approve function does not return a boolean value.
The approve function declared in the IERC20Metadata interface used here, by contrast, returns bool. Because the call is made through that interface, the compiler emits code that expects 32 bytes of return data and reverts when the callee returns less. USDT's approve returns no data at all, so the high-level call fails during return-data decoding and the whole transaction reverts. (The revert is caused by the decoding check, not by the compiler treating missing data as false.)
This prevents _registerCollateralToken from completing when USDT is used as the collateral token. As a result, users will be unable to register USDT as collateral, limiting the flexibility and usability of the contract.
Manual code review
To resolve this issue, consider using OpenZeppelin's SafeERC20 library, which handles non-standard ERC-20 tokens like USDT. Its forceApprove function accepts empty return data and, if a direct approve call fails, resets the allowance to zero before setting the new value. This second behaviour also matters for USDT, which rejects changing a non-zero allowance directly to another non-zero value.
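The following is an added illustration, not code from the AaveDIVAWrapper repository or from the audit. It pairs a constructed USDT-like token (approve returns nothing and refuses non-zero to non-zero allowance changes) with two minimal registrars: one using the interface-typed approve call the finding describes, one using SafeERC20.forceApprove. The Foundry test shows the first reverting and the second succeeding, including a second registration that exercises the zero-then-max fallback. Contract names, the POOL address standing in for the Aave V3 pool, and the OpenZeppelin v5 and forge-std import paths are assumptions; IERC20 is used in place of IERC20Metadata, which inherits it and declares approve identically.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Assumed import paths (OpenZeppelin Contracts v5 and forge-std).
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import {Test} from "forge-std/Test.sol";

/// Constructed stand-in for mainnet USDT (not the real token):
/// approve() returns no data, and a non-zero allowance must be reset
/// to zero before it can be set to another non-zero value.
contract NonReturningToken {
    mapping(address => mapping(address => uint256)) public allowance;

    function approve(address spender, uint256 value) external {
        require(
            value == 0 || allowance[msg.sender][spender] == 0,
            "reset allowance to zero first"
        );
        allowance[msg.sender][spender] = value;
    }
}

/// Mirrors the pattern in the finding: a high-level call through an
/// interface whose approve() is declared to return bool. Against
/// NonReturningToken the generated return-data check finds 0 bytes
/// instead of 32 and reverts.
contract RegistrarUnsafe {
    function register(address token, address spender) external {
        IERC20(token).approve(spender, type(uint256).max);
    }
}

/// Hardened form: forceApprove tolerates empty return data and falls back
/// to approve(0) followed by approve(value) when the direct call fails.
contract RegistrarSafe {
    using SafeERC20 for IERC20;

    function register(address token, address spender) external {
        IERC20(token).forceApprove(spender, type(uint256).max);
    }
}

/// Foundry test demonstrating both behaviours.
contract ApproveCompatTest is Test {
    // Hypothetical spender address standing in for the Aave V3 pool.
    address constant POOL = address(0xBEEF);
    NonReturningToken token;

    function setUp() public {
        token = new NonReturningToken();
    }

    function test_interfaceApproveRevertsOnNonReturningToken() public {
        RegistrarUnsafe r = new RegistrarUnsafe();
        vm.expectRevert(); // empty revert data from the return-data size check
        r.register(address(token), POOL);
    }

    function test_forceApproveSucceedsAndHandlesReset() public {
        RegistrarSafe r = new RegistrarSafe();

        // First registration: allowance is 0, direct approve(max) succeeds.
        r.register(address(token), POOL);
        assertEq(token.allowance(address(r), POOL), type(uint256).max);

        // Second registration: allowance is already max, so the token rejects
        // approve(max); forceApprove retries with approve(0) then approve(max).
        r.register(address(token), POOL);
        assertEq(token.allowance(address(r), POOL), type(uint256).max);
    }
}
```

Run with `forge test --match-contract ApproveCompatTest`. Applying the same change to _registerCollateralToken means replacing the direct _collateralTokenContract.approve(...) call with forceApprove and adding `using SafeERC20 for IERC20;` (or the interface type the contract stores) to AaveDIVAWrapperCore; the wToken approval on the same code path should be reviewed in the same way.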