The constructor parameters in `AaveDIVAWrapper` do not match the expected order in `AaveDIVAWrapperCore`. Specifically, `AaveDIVAWrapper` passes `_aaveV3Pool` as the first parameter, but `AaveDIVAWrapperCore` expects `_diva` first. This misalignment results in incorrect contract initialization, causing the protocol to be completely non-functional.
In `AaveDIVAWrapper`, the constructor is defined as:
However, in `AaveDIVAWrapperCore`, the constructor expects parameters in a different order:
This results in:
- `_aaveV3Pool` being incorrectly assigned to `diva_`
- `_diva` being incorrectly assigned to `aaveV3Pool_`
- `_owner` being correctly assigned
Due to this misalignment, all interactions with the contract that depend on `_diva` or `_aaveV3Pool` will fail, leading to a full denial of service (DoS) for any protocol functionalities dependent on these addresses.
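
The mismatch described above, reduced to a constructed sketch (an added example, not the project's code): `CoreSketch`, `WrapperMisordered`, `WrapperFixed`, `TypedCore` and the two empty interfaces are hypothetical names, and `owner_` is an assumed parameter name. It also shows why the compiler accepts the swap and how distinct interface types would reject it.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Constructed sketch: contract and interface names are hypothetical,
// only the parameter names and their order follow the finding.
interface IDivaLike {}
interface IAavePoolLike {}

contract CoreSketch {
    address public immutable diva;
    address public immutable aaveV3Pool;
    address public immutable owner;

    // Base constructor order per the finding: DIVA first, Aave pool second.
    constructor(address diva_, address aaveV3Pool_, address owner_) {
        diva = diva_;
        aaveV3Pool = aaveV3Pool_;
        owner = owner_;
    }
}

// Misordered: compiles cleanly because all three arguments are `address`.
// After deployment, diva() returns the pool and aaveV3Pool() returns DIVA.
contract WrapperMisordered is CoreSketch {
    constructor(address _aaveV3Pool, address _diva, address _owner)
        CoreSketch(_aaveV3Pool, _diva, _owner)
    {}
}

// Corrected: arguments forwarded in the order the base constructor declares.
contract WrapperFixed is CoreSketch {
    constructor(address _aaveV3Pool, address _diva, address _owner)
        CoreSketch(_diva, _aaveV3Pool, _owner)
    {}
}

// Hardening (assumption, not from the finding): distinct interface types
// turn a swapped pair into a compile-time type error.
contract TypedCore {
    IDivaLike public immutable diva;
    IAavePoolLike public immutable aaveV3Pool;

    constructor(IDivaLike diva_, IAavePoolLike aaveV3Pool_) {
        diva = diva_;
        aaveV3Pool = aaveV3Pool_;
    }
}
```

Reading back `diva()` and `aaveV3Pool()` right after deployment and comparing them with the intended addresses catches the swap before any funds move.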
- Complete DoS of the protocol: Any function calls relying on `diva_` or `aaveV3Pool_` will fail due to invalid addresses.
- Fund loss risk: If the contract interacts with external protocols (e.g., Aave), it might send funds to an unintended address, leading to irrecoverable losses.
1. Deploy the `AaveDIVAWrapper` contract with the following parameters:
   - `_aaveV3Pool`: A valid Aave pool address
   - `_diva`: A valid DIVA token address
   - `_owner`: An address you control
2. Attempt to interact with the contract's functionalities that depend on `_diva` or `_aaveV3Pool`.
3. Observe that the contract fails to execute these functionalities due to incorrect initialization.
Copy the following code to the `contracts/test/` folder.
Run the following commands to test the vulnerability: `forge
Manual code review
Foundry
Update the constructor in `AaveDIVAWrapper` to pass parameters in the correct order: