The Verifier V1 contract hardcodes the scrvUSD contract address (0x0655977FEb2f289A4aB78af67BAB0d17aAb84367
). If the scrvUSD contract is upgraded or redeployed, the Verifiers will read data from the wrong address.
Hardcoding contract addresses creates a dependency on the specific deployment of the contract. If the scrvUSD contract is upgraded or redeployed, the Verifiers would need to be updated as well.
The Verifiers become incompatible with scrvUSD upgrades, rendering the oracle unusable until the Verifiers are redeployed.
Manual Review
Allow the scrvUSD address to be updated via governance or admin functions.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.