[AAVE] ERC20 Token Smart Contract Domain Community Assessment

[AAVE] ERC20 Token Smart Contract Domain Community Assessment

General Information

Risk Summary

  • Does the contract implement the ERC20 token standards?
    Yes, the contract implements all the required ERC20 functions.
  • Risk analysis: MEDIUM

Technical Information

  • Compiler version: v0.6.10+commit.00c0fcaf
  • Decimals: 18
  • Overflow checks: Yes, the contract inherits SafeMath uint256 Library from OpenZeppelin
  • Mitigation against allowance race-condition: Yes, via increaseAllowance and decreaseAllowance functions.
  • Upgradeable contract patterns: Yes, the contract is upgradable.
  • Access control or restriction lists: No
  • Non-standard features or behaviors: permit function, snapshot hook on _transfer, _mint and _burn functions, ability to upgrade the contract.

Formal Verification Considerations:

  • Does transfer have simple semantics? Yes
  • Does transferFrom have simple semantics? Yes
  • Can balances be arbitrarily modified by some actor? No
  • Are there any external calls? Yes, aaveGovernance.onTransfer inside the snapshot hook

Testnet Information

Ropsten: 0x73317bcCDD6186B705c07F8306d5121011F84698
Rinkeby: 0xf8e64B6A75b2508f8d9F7C6643D314440111fB81

AAVE networks deployment information: https://github.com/aave/aave-token#development-deployment

Contract Logic Summary

At its core the implementation is a standard erc20 contract which uses SafeMath module form OpenZeppelin.
The contract also implements permit function and snapshot hook on _transfer, _mint and _burn functions that includes an external call, onTransfer, to Aave Governance contract.

Administrative Addresses

Below is a list of addresses related to token management:

domain separator: 0x2901a982e363189e3f2e4db2e5c3291fa1067b815a3ac9890ac6573e51bf33b0
permit typehash: 0x6e71edae12b1b97f4d1f60370fef10105fa2faae0126114a169c64845d6126c9


Contract Risk Summary

This is a medium risk contract. The ERC20 functions are implemented to the industry standard, although approve does have a race condition that can be mitigated via increaseAllowance and decreaseAllowance functions. The contract makes use of SafeMath Library from OpenZeppelin to prevent integer underflow and overflow. AAVE is a governance token that includes a migrator for LEND token.

Supporting Materials



Architecture Diagram

Inheritance Diagram

Sūrya’s Description Report

Files Description Table

File Name SHA-1 Hash
AaveToken.sol e4da71e2ded330e1ac6707b184643fdcd9f32d98
LendToAaveMigrator.sol b23cf6990c1788bf50df036640556b3fe144de27

Contracts Description Table

Contract Type Bases
Function Name Visibility Mutability Modifiers
AaveToken Implementation ERC20, VersionedInitializable
Public :exclamation: :stop_sign: ERC20
initialize External :exclamation: :stop_sign: initializer
permit External :exclamation: :stop_sign: NO❗️
getRevision Internal :lock:
_writeSnapshot Internal :lock: :stop_sign:
_beforeTokenTransfer Internal :lock: :stop_sign:
LendToAaveMigrator Implementation VersionedInitializable
Public :exclamation: :stop_sign: NO❗️
initialize Public :exclamation: :stop_sign: initializer
migrationStarted External :exclamation: NO❗️
migrateFromLEND External :exclamation: :stop_sign: NO❗️
getRevision Internal :lock:


Symbol Meaning
:stop_sign: Function can modify state
:dollar: Function is payable