Submission Details
Severity: medium
Invalid

State Proof Validation Bypass in ScrvusdVerifierV1 at _extractParametersFromProof

Summary

https://github.com/CodeHawks-Contests/2025-03-curve/blob/198820f0c30d5080f75073243677ff716429dbfd/contracts/scrvusd/verifiers/ScrvusdVerifierV1.sol#L83

The ScrvusdVerifierV1 contract has a State Proof Validation Bypass vulnerability that allows attackers to submit forged state proofs, potentially manipulating oracle updates and causing incorrect pricing data. The issue arises due to insufficient validation of the extracted state root and assumptions about storage slot existence.

Vulnerability Details

The ScrvusdVerifierV1 contract relies on RLP-decoded state proofs to verify storage slots of the SCRVUSD contract. However, the contract does not fully validate the extracted state root, making it vulnerable to forged proofs.

State root verification is incomplete: The contract assumes that the state root obtained from get_state_root(_block_number) is always valid without cross-checking against an external, trusted source.

Account existence validation is weak: The function _extractParametersFromProof checks only account.exists, but an attacker could supply a manipulated proof that falsely confirms existence.

Missing proof integrity checks: The contract does not ensure that extracted storage slot values are correctly mapped to the expected state root. A malicious proof could return incorrect values.

Impact

An attacker could:

Forge a state proof using a manipulated or outdated state root.

Submit crafted _proof_rlp data, making the contract accept incorrect values for critical parameters.

Trigger the update_price function with manipulated data, affecting price feeds in dependent DeFi protocols.

Oracle Manipulation: Attackers can inject incorrect pricing data, leading to financial losses.

State Inconsistency: Fake values can cause unexpected contract behavior.

DeFi Exploitation: Manipulated price updates can be exploited for arbitrage or liquidation attacks.

Tools Used

Recommendations

Implement strict Merkle Patricia Trie validation using StateProofVerifier.verifyAccountProof().

Updates

Lead Judging Commences

0xnevi Lead Judge
3 months ago
Submission Judgement Published
Invalidated
Reason: Out of scope
