State Root Verification Risks in IBlockHashOracle.vyi
Summary
The contract IBlockHashOracle.vyi is responsible for providing block hashes and state roots. However, it relies entirely on external sources without additional validation mechanisms. This introduces a critical security risk where a compromised or manipulated oracle could supply incorrect block hashes or state roots, leading to maliciously accepted fake proofs.
Vulnerability Details
Issue: Lack of Secondary Validation for State Root
The functions get_block_hash() and get_state_root() directly return values provided by the oracle.
There is no secondary validation to ensure that the returned state root is correct and untampered.
If the oracle is compromised or manipulated, it could return incorrect state roots that lead to the acceptance of fake proofs.
A malicious actor could exploit this to introduce invalid state transitions in contracts that depend on this oracle for verification.
Affected Code:
These functions return critical verification data without cross-checking their authenticity.
Impact
If an attacker gains control over the oracle, they can manipulate state proofs to execute unauthorized actions, bypass security checks, and introduce incorrect financial or governance decisions.
This can lead to fraudulent transactions, stolen funds, or incorrect protocol updates.
Downstream contracts relying on this oracle would be compromised, potentially affecting an entire ecosystem of dependent protocols.
Tools Used
Manual Code Review
Analysis of On-Chain Oracle Dependencies
Recommendations
-
Introduce Secondary Validation:
Require the oracle to submit multiple confirmations of state root values from different independent sources.
Implement a delay mechanism where multiple historical block hashes must be provided before a new one is accepted.
-
Multi-Signature Governance:
Require multiple trusted parties to sign off on critical state root updates before they are accepted.
-
Use Multiple Oracle Sources:
Instead of trusting a single oracle, aggregate data from multiple oracles and use a consensus mechanism to determine the correct state root.
-
Logging and Monitoring:
Implement logging of returned state roots and set up alerts for suspicious discrepancies.
Lead Judging Commences
[invalid] finding-block-number-no-input-check
- Anything related to the output by the `BLOCK_HASH_ORACLE` is OOS per \[docs here]\(<https://github.com/CodeHawks-Contests/2025-03-curve?tab=readme-ov-file#blockhash-oracle>). - The PoC utilizes a mock `BLOCK_HASH_ORACLE`which is not representative of the one used by the protocol - Even when block hash returned is incorrect, the assumption is already explicitly made known in the docs, and the contract allows a subsequent update within the same block to update and correct prices - All state roots and proofs must be verified by the OOS `StateProofVerifier` inherited as `Verifier`, so there is no proof that manipulating block timestamp/block number/inputs can affect a price update - There seems to be a lot of confusion on the block hash check. The block hash check is a unique identifier of a block and has nothing to do with the state root. All value verifications is performed by the OOS Verifier contract as mentioned above
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.