Storage Proofs

Curve

DeFiLayer 1Layer 2

14,723 OP

View results

Previous Next

Submission Details

Severity: low

Invalid

Gaz optimization: Replacing `require` statements

iskrenivanov334

Summary

Currently, some of the functions in ScrvusdVerifierV2.sol and ScrvusdVerifierV1.sol use require statements for validation checks. Each require statement consumes additional gas due to the storage of revert reasons in memory. Replacing require statements with if conditions followed by revert with custom errors reduces gas usage by minimizing string memory allocation.

Vulnerability Details

For example:

function verifyPeriodByBlockHash(

bytes memory _block_header_rlp,

bytes memory _proof_rlp

) external returns (bool) {

Verifier.BlockHeader memory block_header = Verifier.parseBlockHeader(_block_header_rlp);

require(block_header.hash != bytes32(0), "Invalid blockhash"); // Replacing with `if` statement and custom error

require(

block_header.hash == IBlockHashOracle(ScrvusdVerifierV1.BLOCK_HASH_ORACLE).get_block_hash(block_header.number),

"Blockhash mismatch" // Also replacing with `if` statement followed by custom error

);

uint256 period = _extractPeriodFromProof(block_header.stateRootHash, _proof_rlp);

return IScrvusdOracleV2(SCRVUSD_ORACLE).update_profit_max_unlock_time(period, block_header.number);

}

/// @param _block_number Number of the block to use state root hash

/// @param _proof_rlp The state proof of the period

Impact

Using custom errors than require statement is more gas efficient and without requiring additional memory allocation.

Tools Used

Recommendations

Use of custom errors:

error InvalidBlockHash();

error BlockhashMismatch();

function verifyPeriodByBlockHash(

bytes memory _block_header_rlp,

bytes memory _proof_rlp

) external returns (bool) {

Verifier.BlockHeader memory block_header = Verifier.parseBlockHeader(_block_header_rlp);

if (block_header.hash == bytes32(0)) {

revert InvalidBlockHash(); // gas efficient

}

if (block_header.hash != IBlockHashOracle(ScrvusdVerifierV1.BLOCK_HASH_ORACLE).get_block_hash(block_header.number)) {

revert BlockhashMismatch(); // gas efficient

}

uint256 period = _extractPeriodFromProof(block_header.stateRootHash, _proof_rlp);

return IScrvusdOracleV2(SCRVUSD_ORACLE).update_profit_max_unlock_time(period, block_header.number);

}

Updates

Lead Judging Commences

0xnevi Lead Judge

8 months ago

0xnevi Lead Judge 7 months ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Prize pool breakdown

Total prize

14,723 OP

Eagles

1,472 OP

nSLOC

394

37 OP / LOC

High Medium

12,700

Low

551

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.