_harvest() vulnerable to sandwich attacks due to missing slippage checks
Lines of code Vulnerability details Impact All funds that should have been harvested can be taken via MEV sandwich attacks because there is no slippage control. Proof of Concept The two swap calls pass zero as the third argument: File: contracts/MyStrategy.sol 1 249 uint256 balEthBptEarned =...