Link to Issue: code-423n4/2023-03-asymmetry-findings#641
The original issue describes an error in the calculation of ethPerDerivative() for the SfrxEth derivative. The fix described in the report for H-04 is straightforward, however the protocol team decided to change the whole implementation of this function in favor of using Chainlink, probably linked to issue H-08 which describes oracle price manipulation attacks.
While technically the issue described in H-04 is mitigated, as the whole code was replaced, the mitigation introduces a new issue related to the 1:1 frxETH assumption, which is described in a separate report [adriro-NEW-H-01].