Storage Proofs

Summary

The V2 simulation logic miscalculates accrued gains by using a static initial gain value for multiple periods, leading to incorrect price inflation due to unaccounted compounding effects.

Vulnerability Details

In the ScrvusdOracleV2 contract, the _obtain_price_params() function is responsible for simulating how the scrvUSD vault parameters would evolve over time. This is critical for the price_v2() function that estimates future prices based on current parameters.

• Afected area:

The function calculates the gain once at the beginning based on the initial parameters and then adds gain * number_of_periods to params.total_idle. After this, it loops through each period to update balance_of_self and total_supply, but it never recalculates the gain based on these updated values. This contradicts how an actual vault would behave, where each period's gain would be calculated based on the updated parameters from the previous period. For instance, after the first period, both total_supply and balance_of_self change, which would affect the gain calculation for the second period.

The documentation states in the price_v2() function comment: "Uses assumption that crvUSD gains same rewards," but this implementation assumes constant absolute gain, not constant relative rewards, which is incorrect.

Impact

the likelyhood and Impact of this bug is very very high because it directly affects price calculations, which are core to the oracle's functionality

Tools Used

Manual Review

Recommendations

Recalculate the gain for each period based on the updated parameters from the previous period, ensuring that the gain is correctly compounded over time. This involves recalculating the gain inside the loop where balance_of_self and total_supply are updated. This change will accurately reflect how an actual vault would behave, ensuring that the price calculations are correct, eliminating linear extrapolation errors.