Aave DIVA Wrapper
DIVA
HardhatDeFi
15,000 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

low

1stephen

  1. Missing Access Control on approveCollateralTokenForAave-https://github.com/Cyfrin/2025-01-diva/blob/1b6543768c341c2334cdff87b6dd627ee2f62c89/contracts/src/AaveDIVAWrapper.sol#L202C1-L207C6

https://github.com/Cyfrin/2025-01-diva/blob/1b6543768c341c2334cdff87b6dd627ee2f62c89/contracts/src/AaveDIVAWrapper.sol#L92

The approveCollateralTokenForAave and batchApproveCollateralTokenForAave functions are callable by anyone

recommendation- Add onlyOwner modifier to both functions.

Updates

Lead Judging Commences

bube Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Design choice

Appeal created

1stephen Submitter
10 months ago
bube Lead Judge
10 months ago
1stephen Submitter
10 months ago
1stephen Submitter
10 months ago
1stephen Submitter
10 months ago
bube Lead Judge
10 months ago
bube Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Design choice

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!