I think root cause is improper check of calldata in “uniswapV2Call” function. It needs to check first parameter-sender address, but it didn’t. Hacker could call this callback function by calling “swap” function.

I think root cause is improper check of calldata in “uniswapV2Call” function. It needs to check first parameter-sender address, but it didn’t. Hacker could call this callback function by calling “swap” function.
by
Tags:
Leave a Reply