Storage Proofs

Curve

DeFiLayer 1Layer 2

14,723 OP

View results

Previous Next

Submission Details

Severity: medium

Invalid

## Medium Severity Findings ###

luffy

1. Potential Reentrancy Vulnerability

File: ScrvusdVerifierV2.sol
Line: 40
Code:

IScrvusdOracleV2 public scrvusd_oracle_v2;

Description: Although not directly evident in the provided code snippets, interactions with external contracts like scrvusd_oracle_v2 can introduce reentrancy risks if those contracts call back into the verifier contract before the initial execution is complete.

Remediation: Utilize the Checks-Effects-Interactions pattern and consider implementing reentrancy guards to prevent such vulnerabilities.

2. Hardcoded Storage Slot Value

File: ScrvusdVerifierV2.sol
Line: 31
Code:

uint256 internal PERIOD_SLOT = 37; // profit_max_unlock_time

Description: The storage slot for profit_max_unlock_time is hardcoded. If the underlying storage structure changes, this could lead to incorrect data retrieval or storage conflicts.

Remediation: Use a more dynamic approach to determine storage slots, possibly through constants or a mapping that adapts to changes in the storage structure.

Updates

Lead Judging Commences

0xnevi Lead Judge

3 months ago

0xnevi Lead Judge 3 months ago

Submission Judgement Published

Invalidated

Reason: Incorrect statement

Prize pool breakdown

Total prize

14,723 OP

Eagles

1,472 OP

nSLOC

394

37 OP / LOC

High Medium

12,700

Low

551

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.