Core functions that involve interactions with aave v3 can revert if the supply limit is reached or if pool is paused
Many functions in AaveDIVAWrapper involve supplying and withdrawing assets from aave v3 pool. createContingentPool
and _addLiquidity
supply assets to aave pool while _removeLiquidity
, _redeemPositionToken
, _redeemWToken
and _claimYield
withdraw assets from Aave. This leads to a single point of failure if the calls to aave fail which can prevent users from redeeming their Wtokens.
Here are some possible scenarios:
Aave v3 may reach the deposit limit:
AAve v3 ValidationLogic.sol#L80-L87
Aave v3 may get paused or retired:
https://github.com/aave/aave-v3-core/blob/master/contracts/protocol/libraries/logic/ValidationLogic.sol#L77
In Nov 2023, Aave paused several markets after reports of feature issue.
Commonly in lending platforms, when a certain token or lending pool has been deemed to be too risky or have been hacked, it is retired. This has happened multiple times in Aave, with some other examples below:
GHST borrowing disabled on polygon
agEUR borrowing disabled on polygon
UST disabled on Venus protocol on BSC
SXP disabled on Venus protocol on BSC
TRXOld disabled on Venus protocol on BSC
When aave supply cap is reached, Diva Wrapper protocol will suffer a DoS which will prevent users from redeeming their Wtokens
Manual
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.