If an attacker is able to reenter swap(), they can execute their own trade using the same tokens and get all the tokens for themselves.
Use a simple reentrancy guard, such as OpenZeppelin’s ReentrancyGuard to prevent reentrancy in MetaSwap.swap()
- ConsenSys Audit MetaSwap Finding 4.1
- Reentrancy
- Major Severity
- Swap Reentrancy
- Use Reentrancy Guard
- Youtube Reference
- Major severity finding from Consensys Diligence Audit of MetaSwap