Submission Details
Severity: medium
Invalid

Lack of Explicit Validity Checks on Extracted Data in _extractPeriodFromProof()

Summary

The _extractPeriodFromProof() function in ScrvusdVerifierV2.sol only verifies that slot.exists is true but does not perform any validation on slot.value. This lack of explicit validity checks could allow an attacker to manipulate the profit unlock time by submitting a crafted proof that tricks the function into accepting a manipulated period value.

Vulnerability Details

The function _extractPeriodFromProof() is responsible for extracting a period value from a state proof using a given state root. However, it only checks for the existence of the slot but does not validate the extracted value:

    Verifier.SlotValue memory slot = Verifier.extractSlotValueFromProof(
        keccak256(abi.encode(PERIOD_SLOT)),
        account.storageRoot,
        proofs[1].toList()
    );
    require(slot.exists);

Here, require(slot.exists); ensures that the slot exists but does not verify if slot.value is within an expected range. If an attacker manages to submit a proof that makes slot.exists return true while setting an arbitrary slot.value, they could manipulate profit unlock times.

Impact

  • An attacker could submit a manipulated proof to delay or accelerate the profit unlock time.

  • This could be exploited to manipulate financial parameters in the protocol, potentially leading to unfair advantages or financial losses.

Tools Used

  • Manual code review

  • Static analysis tools for Solidity security

Recommendations

1. Add Range Checks: Ensure that slot.value falls within a reasonable range.

require(slot.value >= MIN_VALID_PERIOD && slot.value <= MAX_VALID_PERIOD, "Invalid period value");

2. Verify Against Historical Data: Compare slot.value against previously stored values to detect anomalies.

3. Enhance Proof Validation: Introduce additional verification mechanisms to confirm the legitimacy of the extracted period value.

Updates

Lead Judging Commences

0xnevi Lead Judge 5 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
Assigned finding tags:

[invalid] finding-slot-not-check-verifierv1-v2

- Looking at the OOS `StateProofVerifier` and `MerklePatriciaProofVerifier` contracts that extract the slot, the `exists` flag will be flagged as true as long as a non-zero length value is returned, as seen [here](https://github.com/curvefi/curve-xdao/blob/3ff77bd2ccc9c88d50ee42d2a746fc7648c7ff2c/contracts/libs/StateProofVerifier.sol#L133C13-L136). From the `MerklePatriciaProofVerifier.extractProofValue`, the minimum length returned will be 1, as represented by `bytes(0)`. So this seems to be purely a sanity check that might not even be required.
- A slot with zero values is only allowed when the proof provided by the prover correctly proves that such values are included within the Merkle-Patricia-Tree. The values fetched from mainnet from the V3Vault stored in the merkle trie are likely checked beforehand and aggregated into the MerkleTree.
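
The judgement's point that a slot value is only accepted when the proof shows it is included under the storage root, as an added example that is not part of the submission, the judgement or the project's code. A binary Merkle tree with SHA-256 stands in for the Merkle-Patricia trie and keccak256, and the storage contents, slot positions and function names are constructed for illustration.

```python
import hashlib

def h(data: bytes) -> bytes:
    # SHA-256 stands in for keccak256, which is not in the Python standard library.
    return hashlib.sha256(data).digest()

def leaf(slot: int, value: int) -> bytes:
    # Domain-separated leaf hash committing to both the slot key and its value.
    return h(b"\x00" + slot.to_bytes(32, "big") + value.to_bytes(32, "big"))

def node(left: bytes, right: bytes) -> bytes:
    return h(b"\x01" + left + right)

def build(leaves):
    """Return all tree levels, leaves first; leaf count must be a power of two."""
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([node(cur[i], cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels

def prove(levels, index):
    """Sibling hashes from leaf to root for the leaf at `index`."""
    path = []
    for level in levels[:-1]:
        path.append(level[index ^ 1])
        index //= 2
    return path

def extract_slot_value(root, slot, index, claimed_value, path):
    """Return claimed_value only if it is the value committed under `root`."""
    acc = leaf(slot, claimed_value)
    for sibling in path:
        acc = node(acc, sibling) if index % 2 == 0 else node(sibling, acc)
        index //= 2
    if acc != root:
        raise ValueError("proof does not match storage root")
    return claimed_value

# Constructed storage: slot number -> value (slot 2 plays the role of the period slot).
STORAGE = {0: 1_000, 1: 42, 2: 604_800, 3: 7}
PERIOD_INDEX = 2  # hypothetical leaf position of the period slot
LEVELS = build([leaf(s, v) for s, v in STORAGE.items()])
ROOT = LEVELS[-1][0]
PATH = prove(LEVELS, PERIOD_INDEX)

def tampered_value_rejected(value):
    """True when a proof carrying `value` for the period slot fails verification."""
    try:
        extract_slot_value(ROOT, 2, PERIOD_INDEX, value, PATH)
    except ValueError:
        return True
    return False
```

Any value other than the committed one changes the recomputed root, so the only input a prover controls that passes verification is the value actually stored under that root.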
