User can steal output token when input token is a rebasing token in which algebraSwapCallback can be called to expand total supply of the rebasing token
Lines of code Vulnerability details Impact When calling the swap function below, the following swapCallback function is further called for calling the algebraSwapCallback function in the callee contract that is msg.sender; such contract does not have to be a shared router and can be separately...