langnavina97
commented
3 days ago This issue is out of scope as the mock folder is excluded.
Open hats-bug-reporter[bot] opened 3 days ago
langnavina97
commented
3 days ago This issue is out of scope as the mock folder is excluded.
Github username: @krkbaa Twitter username: 0xkrkba Submission hash (on-chain): 0x85bb6985d2b4a173688a5f750c2b1a2377aa4f614a07ba47015bfe1704ef26a6 Severity: medium
Description: Description\ in: https://github.com/Velvet-Capital/velvet-core/blob/849629b1aacf32d84634d8c4ef1378527bce3bb3/contracts/mock/UniSwapV2Handler.sol#L56-L63
also : https://github.com/Velvet-Capital/velvet-core/blob/849629b1aacf32d84634d8c4ef1378527bce3bb3/contracts/mock/UniSwapV2Handler.sol#L65-L95
a malicious validator can hold back the transaction and execute it at a more favourable block number.Consider allowing function caller to specify swap deadline input parameter. Attack Scenario\
Attachments
Proof of Concept (PoC) File
Revised Code File (Optional)