The current implementation hardcodes the Aave referral code to 0 in supply operations, limiting the protocol's ability to participate in Aave's referral program and potentially benefit from future incentive structures.
While not a security vulnerability per se, hardcoding the referral code:
Prevents the protocol from participating in Aave's referral program
Reduces protocol flexibility and adaptability
Requires contract redeployment to modify the referral code
May result in missed opportunities for protocol incentives
Manual Analysis
Implement a configurable referral code parameter with appropriate access controls.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.