Aave DIVA Wrapper
DIVA
HardhatDeFi
15,000 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

low

1stephen

  1. Missing Access Control on approveCollateralTokenForAave-https://github.com/Cyfrin/2025-01-diva/blob/1b6543768c341c2334cdff87b6dd627ee2f62c89/contracts/src/AaveDIVAWrapper.sol#L202C1-L207C6

https://github.com/Cyfrin/2025-01-diva/blob/1b6543768c341c2334cdff87b6dd627ee2f62c89/contracts/src/AaveDIVAWrapper.sol#L92

The approveCollateralTokenForAave and batchApproveCollateralTokenForAave functions are callable by anyone

recommendation- Add onlyOwner modifier to both functions.

Updates

Lead Judging Commences

bube Lead Judge 9 months ago
Submission Judgement Published
Invalidated
Reason: Design choice

Appeal created

1stephen Submitter
9 months ago
bube Lead Judge
9 months ago
1stephen Submitter
9 months ago
1stephen Submitter
9 months ago
1stephen Submitter
9 months ago
bube Lead Judge
9 months ago
bube Lead Judge 9 months ago
Submission Judgement Published
Invalidated
Reason: Design choice

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.