Storage Proofs
Curve
DeFiLayer 1Layer 2
14,723 OP
View results
Previous Next
Submission Details
Severity: medium
Invalid

Unchecked Slot Existence in `ScrvusdVerifierV1::_extractParametersFromProof` could lead to incorrect readings and potential miscalculations

summer

Summary

The ScrvusdVerifierV1::_extractParametersFromProof function doesn't check if a slot exists before using its value, silently treating non-existent slots as zero. This could lead to incorrect parameter readings and potentially significant miscalculations in price data.

Vulnerability Details

In ScrvusdVerifierV1, the _extractParametersFromProof function has this logic:

// Extract slot values
uint256[PARAM_CNT] memory params;
for (uint256 i = 1; i < PROOF_CNT; i++) {
Verifier.SlotValue memory slot = Verifier.extractSlotValueFromProof(
keccak256(abi.encode(PARAM_SLOTS[i])),
account.storageRoot,
proofs[i].toList()
);
// Slots might not exist, but typically we just read them.
params[i - 1] = slot.value;
}

The comment "Slots might not exist, but typically we just read them" indicates that the code intentionally ignores whether the slot exists and simply uses its value, which would be 0 for non-existent slots.

In contrast, in ScrvusdVerifierV2, the _extractPeriodFromProof function checks that the slot exists:

Verifier.SlotValue memory slot = Verifier.extractSlotValueFromProof(
keccak256(abi.encode(PERIOD_SLOT)),
account.storageRoot,
proofs[1].toList()
);
require(slot.exists);

Critical parameters like total_debt, total_idle, and total_supply should never be zero in a functioning scrvUSD vault. If a slot doesn't exist (due to an incorrect slot number or other issues), treating it as zero could lead to highly inaccurate price calculations.

Impact

The likelihood of this issue manifesting is medium but this has a quite number of impact to the protocol; It can lead to incorrect price calculations if any slot is non-existent. According to the project documentation, price inaccuracies can "lead to MEV in the liquidity pool, at a loss for the liquidity providers"

Tools Used

Manul review

Recommendations

Add existence checks for all slots and revert if any critical slot is missing, this ensures that all slots exist and that critical parameters are non-zero, preventing potential price calculation errors.

Updates

Lead Judging Commences

0xnevi Lead Judge 5 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
Assigned finding tags:

[invalid] finding-slot-not-check-verifierv1-v2

- Looking at the OOS `StateProofVerifier` and `MerklePatriciaProofVerifier` contract that extracts the slot, the `exists` flag will be flagged as true as long as a non-zero length value is returned as seen [here](https://github.com/curvefi/curve-xdao/blob/3ff77bd2ccc9c88d50ee42d2a746fc7648c7ff2c/contracts/libs/StateProofVerifier.sol#L133C13-L136). From the `MerklePatriciaProofVerifier.extractProofValue`, the minimum length returned will be 1 as represenetd by `bytes(0)`. So this seems to be purely a sanity check that might not even be required. - A slot with zero values is only allowed when the proof provided by the prover correctly proofs that such values are included within the Merkle-Patricia-Tree. The values fetched from mainnet from the V3Vault stored in the merkle trie is likely checked before hand and aggregated into the MerkleTree.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.