You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Arbitrage.sol. The smart contract implements functions that can be executed by anyone. The executeTrade function can be called by any external account, which could potentially lead to misuse and unintended consequences if not properly secured. Furthermore, nothing in the code validates if the token addresses or the flash loan conditions are safe and trusted for usage.
Arbitrage.sol. There is a lack of access control for sensitive functions. The executeTrade function lacks authorization checks to restrict its execution to trusted addresses.
Arbitrage.sol .The contract makes use of an external flash loan vault from the Balancer protocol, but does not include mechanisms to ensure expected conditions of the flash loan are met, such as the correct token balances after trades. This lacks a check or require statement ensuring the arbitrage was profitable before returning funds or profits to the contract owner.
Arbitrage.sol. Unchecked return values from low-level calls. The approve function calls in _swapOnUniswap and _swapOnSushiswap functions have no safety check to prevent unexpected failure in token transfer approval process.
