Aave DIVA Wrapper
DIVA
HardhatDeFi
15,000 USDC
View results
Previous Next
Submission Details
Severity: medium
Invalid

Aave Supported Token (MKR) Won't Work With AaveDIVAWrapper Protocol

mrkaplan

Summary

MKR, a token currently active in Aave, cannot be registered as a collateral token because it will revert. As a result, it cannot be used through the AaveDIVAWrapper protocol.

Vulnerability Details

When registering a collateral token via registerCollateralToken(), there is a line in AaveDIVAWrapperCore.sol:_registerCollateralToken() that calls the symbol() function of the token being registered. This function is used when creating the wrapped version of the token, prefixing its symbol with a w:

https://github.com/Cyfrin/2025-01-diva/blob/1b6543768c341c2334cdff87b6dd627ee2f62c89/contracts/src/AaveDIVAWrapperCore.sol#L85-L96

IERC20Metadata _collateralTokenContract = IERC20Metadata(_collateralToken);
WToken _wTokenContract = new WToken(
@> string(abi.encodePacked("w", _collateralTokenContract.symbol())),
_collateralTokenContract.decimals(),
address(this) // wToken owner
);

The problem arises because the IERC20Metadata interface expects symbol() to return a string, but in the case of MKR, the return type is bytes32. As a result, attempting to register MKR as a collateral token in AaveDIVAWrapper will revert at this line.

Root cause

Not integrating the collateral tokens that returns bytes32 in symbol() function.

Impact

  1. As stated in the compatibilities section of the contest:

    Supported collateral tokens:

    • Any ERC20 token supported by Aave V3, but mainly stablecoins like USDC, USDT are expected to be used for DIVA Donate.

    • Fee-on-transfer and rebaseable tokens are NOT supported.

    • Tokens must have between 6-18 decimals.

    Since MKR is currently supported in Aave, it should be compatible with the protocol. However, due to the type mismatch in the symbol() function, registering MKR as a collateral token will revert. Consequently, a wrapped version of MKR cannot be created, preventing its use in the protocol.

  2. Users won't be able to create a contingent pool with an Aave supported token (MKR) through AaveDIVAWrapper protocol.

  3. Owner won't be able to create yield with an Aave supported token (MKR).

Recommendations

Integrate with code the collateral tokens that returns bytes32 in symbol() function.

Add the next two functions to AaveDIVAWrapperCore.sol:

+function _bytes32ToString(bytes32 _symbol) internal pure returns (string memory) {
+ uint8 length = 0;
+ while (length < 32 && _symbol[length] != 0) {
+ length++;
+ }
+ bytes memory bytesArray = new bytes(length);
+ for (uint8 i = 0; i < length; i++) {
+ bytesArray[i] = _symbol[i];
+ }
+ return string(bytesArray);
+}
+function _getSymbol(IERC20Metadata _collateralToken) internal view returns (string memory) {
+ try _collateralToken.symbol() returns (string memory symbolString) {
+ return symbolString;
+ } catch {
+ // Fallback for tokens like MKR that return bytes32
+ return _bytes32ToString(bytes32(abi.encodePacked(IERC20(_collateralToken).symbol())));
+ }
+}

Now change some lines on _registerCollateralToken():

IERC20Metadata _collateralTokenContract = IERC20Metadata(_collateralToken);
WToken _wTokenContract = new WToken(
- string(abi.encodePacked("w", _collateralTokenContract.symbol())),
+ string(abi.encodePacked("w", _getSymbol(_collateralTokenContract))),
_collateralTokenContract.decimals(),
address(this) // wToken owner
);
Updates

Lead Judging Commences

bube Lead Judge 9 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement

Appeal created

mrkaplan Submitter
9 months ago
bube Lead Judge
9 months ago
bube Lead Judge 9 months ago
Submission Judgement Published
Invalidated
Reason: Known issue

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.