Submission Details
Severity: high
Invalid

Insufficient State Proof Verification in Verifier V1

Summary

The ScrvusdVerifierV1 contract uses RLP-encoded block headers and state proofs to extract vault parameters. However, its verification logic does not fully cross-check these extracted values against trusted sources such as the BlockHashOracle. This allows forged state proofs that could directly compromise the reported price, putting funds at risk.

Vulnerability Details

- The functions (e.g. verifyScrvusdByBlockHash and verifyScrvusdByStateRoot) parse block headers and state proofs but lack comprehensive integrity checks for the decoded parameters.

- Critical vault metrics (total supply, idle funds, etc.) are not validated against known on-chain data, leaving the system open to forged proofs.

Elaboration

The ScrvusdVerifierV1 contract's verifyScrvusdByBlockHash function verifies scrvUSD parameters using an RLP-encoded block header and a corresponding state proof. However, it does not thoroughly cross-check these extracted values against trusted sources, such as the BlockHashOracle. This shortfall could allow forged state proofs to inject incorrect vault parameters.

Proof of Concept (PoC):

An attacker crafts a malicious state proof that falsely indicates an increase in the vault's total_debt.

// Malicious RLP-encoded block header and state proof
bytes memory fakeBlockHeaderRLP = /* crafted RLP-encoded block header */;
bytes memory fakeStateProofRLP = /* crafted RLP-encoded state proof */;
// Attacker calls verifyScrvusdByBlockHash with malicious proofs
scrvusdVerifierV1.verifyScrvusdByBlockHash(fakeBlockHeaderRLP, fakeStateProofRLP);

In this PoC, the attacker submits forged proofs that, due to insufficient verification, are accepted by the contract, leading to incorrect updates to the oracle's price data.

Impact

- An attacker could submit a crafted state proof with manipulated vault parameters that would be accepted by the verifier, resulting in an incorrect update to the scrvUSD price.

- Such an exploit could destabilize cross-chain pools by providing false data on the vault’s financial state.

Tools Used

- Manual code review

- Solodit checklist review regarding state proof and input consistency

- ChatGPT o3-mini-high

Recommendations

- Enhance the RLP decoding and verification logic to include complete integrity checks on all critical parameters.

- Cross-check all decoded values against the BlockHashOracle’s records or other trusted sources before updating the oracle.

- Consider adding a fallback or delay mechanism in cases where the extracted data appears anomalous.
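The second recommendation in concrete form, as an added illustration that is not the project's code: the submitted header is first bound to the hash the BlockHashOracle recorded for that block, and only then is its state root decoded and handed to the account-proof check. The get_block_hash signature, the IStateProofVerifier interface and the contract name are assumptions made for this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Assumed interface for the BlockHashOracle named in the report (hypothetical signature).
interface IBlockHashOracle {
    function get_block_hash(uint256 blockNumber) external view returns (bytes32);
}

// Assumed Merkle-Patricia proof verifier (hypothetical): returns the vault account's
// storage root if `accountProof` verifies against `stateRoot`, reverts otherwise.
interface IStateProofVerifier {
    function verifyAccount(bytes32 stateRoot, address account, bytes calldata accountProof)
        external pure returns (bytes32 storageRoot);
}

contract AnchoredHeaderVerifier {
    IBlockHashOracle public immutable oracle;
    IStateProofVerifier public immutable mpt;
    address public immutable vault;

    // Post-Byzantium header RLP: 3-byte list prefix (0xf9 + 2 length bytes), parentHash
    // (0xa0 + 32), ommersHash (0xa0 + 32), coinbase (0x94 + 20), then 0xa0 + stateRoot,
    // so the 0xa0 marker sits at byte 90 and the state root occupies bytes [91, 123).
    uint256 private constant STATE_ROOT_MARKER = 90;

    constructor(IBlockHashOracle _oracle, IStateProofVerifier _mpt, address _vault) {
        oracle = _oracle;
        mpt = _mpt;
        vault = _vault;
    }

    // Bind the caller-supplied header to the hash the oracle recorded for `blockNumber`
    // before decoding anything from it. A crafted header hashes to a different value and is
    // rejected here, so the state root and everything proven under it inherit the oracle's trust.
    function anchoredStateRoot(uint256 blockNumber, bytes calldata headerRlp) public view returns (bytes32) {
        bytes32 trusted = oracle.get_block_hash(blockNumber);
        require(trusted != bytes32(0), "block hash unknown to oracle");
        require(keccak256(headerRlp) == trusted, "header does not match oracle block hash");
        require(headerRlp.length >= STATE_ROOT_MARKER + 33, "header too short");
        require(headerRlp[STATE_ROOT_MARKER] == bytes1(0xa0), "stateRoot field is not a 32-byte string");
        return bytes32(headerRlp[STATE_ROOT_MARKER + 1:STATE_ROOT_MARKER + 33]);
    }

    // The account proof is verified against the anchored state root only, so the vault storage
    // root (from which total supply, idle funds, etc. are read) cannot be forged without breaking the oracle.
    function vaultStorageRoot(uint256 blockNumber, bytes calldata headerRlp, bytes calldata accountProof) external view returns (bytes32) {
        return mpt.verifyAccount(anchoredStateRoot(blockNumber, headerRlp), vault, accountProof);
    }
}
```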

Updates

Lead Judging Commences

0xnevi Lead Judge
3 months ago
Submission Judgement Published
Invalidated
Reason: Out of scope
