Storage Proofs
Curve
DeFiLayer 1Layer 2
14,723 OP
View results
Previous Next
Submission Details
Severity: high
Invalid

balance_of_self slot calculation is swapped (key vs. slot), leading to incorrect data

rp_who

Summary

  • The Verifier incorrectly calculates the storage slot for balance_of_self, leading to incorrect price calculations and systemic protocol risks.

Vulnerability Details

The Verifier assumes balance_of_self is stored in an ERC20-style balanceOf mapping and uses keccak256(abi.encode(18, scrvUSD)) to compute its slot.

Reality: In the Vyper-based scrvUSD Vault, balance_of_self is a struct member (PriceParams struct) stored at a fixed sequential slot (e.g., slot 12).

  • Vyper stores struct members in sequential slots (no hashing):

struct PriceParams:
total_debt # Slot 6
total_idle # Slot 7
total_supply # Slot 8
full_profit_unlock_date # Slot 9
profit_unlocking_rate # Slot 10
last_profit_update # Slot 11
balance_of_self # Slot 12 "Fixed slot"

  • The Verifier’s hashing logic (keccak(18, scrvUSD)) points to an arbitrary slot, resulting in garbage data being read.

Impact

  • The verifier will provide incorrect scrvUSD price updates to the oracle.

  • This can lead to significant financial losses for users relying on the oracle's accuracy.

  • The entire price feed system becomes unreliable.

Tools Used

Manual Code Review

Recommendations

Update Verifier Logic:

  • Replace the current keccak256-based calculation with direct slot access.

Use Fixed Slot for balance_of_self:

  • Directly read balance_of_self from its fixed slot (e.g., slot 12) instead of hashing.

    uint256 balanceOfSelf = getStorageAt(scrvUSDAddress, 12);
Updates

Lead Judging Commences

0xnevi Lead Judge
2 months ago
0xnevi Lead Judge about 2 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
Assigned finding tags:

[invalid] finding-incorrect-storage-slot-retrieval

See comments in primary finding in 239

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.