Summary

The current design of the oracle update mechanism does not clearly indicate a protection against replay attacks, allowing the possibility of reusing an old, valid state proof to revert the oracle price to a stale state. Replay of an old valid proof could revert the price feed; the attack path is moderately feasible.

Vulnerability Details

-The verifier functions (in both Verifier V1 and V2) do not appear to incorporate a nonce or unique identifier within the state proof submission, which would prevent an attacker from replaying a previously valid proof.

-Replaying an old state proof might cause the oracle to update with outdated vault parameters, effectively “rolling back” the scrvUSD price.

Elaboration

Without a nonce or unique identifier to prevent reuse, the oracle update mechanism is susceptible to replaying an old (but valid) state proof. This can force the price feed to revert to outdated data, albeit under moderate exploitation conditions.​

Proof of Concept (PoC):

An attacker replays a previously valid state proof to revert the oracle price to a stale state.​

In this PoC, the attacker replays old proofs, causing the oracle to update with outdated vault parameters, leading to incorrect pricing.

Impact

-Replayed proofs could force the oracle to revert to outdated price data, creating exploitable windows for arbitrage.

-Users and liquidity providers would be adversely affected by inaccurate and stale pricing information, undermining system integrity.

Tools Used

-Manual Code Review

-Cross-reference with the Solodit Checklist for replay protection measures

-Chat GPT o3-mini-high

Recommendations

-Implement a replay protection mechanism (e.g. a nonce or unique proof identifier) that is stored on-chain and checked before processing any state proof.

-Ensure that each proof can only be used once and that any replayed proofs are rejected based on their associated nonce or timestamp.

-Augment the existing block number or timestamp checks to further safeguard against the reuse of outdated proofs.