HardhatDeFi
15,000 USDC
Submission Details
Severity: medium
Invalid

Lack of Slippage Protection in _removeLiquidity Function

Summary

The _removeLiquidity function in the contract does not account for slippage during the removal of liquidity and subsequent redemption of collateral tokens. As a result, users may receive fewer collateral tokens than expected due to protocol fees, volatility, or liquidity conditions, leading to potential loss of funds or dissatisfaction.

Vulnerability Details

Affected code:

    uint256 _wTokenBalanceBeforeRemoveLiquidity = _collateralTokenContract.balanceOf(address(this));
    IDIVA(_diva).removeLiquidity(_poolId, _positionTokenAmountToRemove);
    uint256 _wTokenAmountReturned = _collateralTokenContract.balanceOf(address(this)) -
        _wTokenBalanceBeforeRemoveLiquidity;
    uint256 _amountReturned = _redeemWTokenPrivate(
        _pool.collateralToken, // wToken
        _wTokenAmountReturned,
        _recipient,
        address(this)
    );

  • The exact amount of collateral tokens received (_amountReturned) may be lower than anticipated because:

    1. IDIVA(_diva).removeLiquidity may return fewer wTokens than expected due to protocol fees or deductions.

    2. _redeemWTokenPrivate may return fewer collateral tokens after redeeming wTokens due to slippage, fees or conversion rate changes in external protocols like Aave.

  • No mechanism exists to ensure that the user receives a minimum acceptable amount of collateral tokens.

  • This leaves users vulnerable to losses without their consent.

Impact

  • User Losses:
    Users may receive fewer tokens than expected, leading to a financial loss.

  • User Trust:
    Lack of protection could lead to distrust in the system.

  • Protocol Risk:
    If not fixed, this issue could result in a poor user experience, especially during volatile market conditions.

Tools Used

Manual Review

Recommendations

Add a slippage protection mechanism by introducing a _minCollateralAmount parameter that allows users to define the minimum acceptable amount of collateral tokens they are willing to receive. If the actual amount received (_amountReturned) is less than _minCollateralAmount, the transaction should revert.

    // Slippage Protection: Ensure the returned amount meets the minimum requirement
    if (_amountReturned < _minCollateralAmount) {
        revert InsufficientAmountReceived(_amountReturned, _minCollateralAmount);
    }

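The recommended _minCollateralAmount has to be chosen by the caller. The following is an added example, not part of the submission or the project's code: it derives that value from a quoted amount and a tolerance in basis points, and models the revert check in JavaScript. The helper names, the quoted amount and the 50 bps tolerance are assumptions made for illustration.

```javascript
// Added example. Amounts are BigInt values in the token's smallest unit.
const BPS_DENOMINATOR = 10_000n;

// Hypothetical helper: lowest payout the caller accepts for a quoted amount.
// Rounds up so the accepted loss never exceeds toleranceBps.
function minCollateralAmount(quotedAmount, toleranceBps) {
  if (typeof quotedAmount !== "bigint" || quotedAmount < 0n) {
    throw new TypeError("quotedAmount must be a non-negative BigInt");
  }
  if (typeof toleranceBps !== "bigint" || toleranceBps < 0n || toleranceBps > BPS_DENOMINATOR) {
    throw new RangeError("toleranceBps must be a BigInt in [0, 10000]");
  }
  const numerator = quotedAmount * (BPS_DENOMINATOR - toleranceBps);
  return (numerator + BPS_DENOMINATOR - 1n) / BPS_DENOMINATOR; // ceiling division
}

// Mirrors the custom error named in the recommendation.
class InsufficientAmountReceived extends Error {
  constructor(amountReturned, minAmount) {
    super(`received ${amountReturned}, minimum ${minAmount}`);
    this.name = "InsufficientAmountReceived";
    this.amountReturned = amountReturned;
    this.minAmount = minAmount;
  }
}

// Model of the on-chain check: throwing stands in for a revert.
function enforceMinReceived(amountReturned, minAmount) {
  if (amountReturned < minAmount) {
    throw new InsufficientAmountReceived(amountReturned, minAmount);
  }
  return amountReturned;
}

// Constructed scenario: 1,000 tokens quoted at 6 decimals, 0.5% tolerance.
function demo() {
  const quoted = 1_000_000_000n;
  const min = minCollateralAmount(quoted, 50n); // 995_000_000n
  const results = [];
  for (const returned of [996_000_000n, 995_000_000n, 994_999_999n]) {
    try {
      enforceMinReceived(returned, min);
      results.push("ok");
    } catch (e) {
      results.push(e.name);
    }
  }
  return { min, results };
}
```

A tolerance of 10000 bps yields a minimum of 0, which disables the check, so a front end should cap the tolerance it lets users set.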
Updates

Lead Judging Commences

bube Lead Judge 5 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Appeal created

olami9783 Submitter
5 months ago
bube Lead Judge
5 months ago
bube Lead Judge 5 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
