merkleRoot can be set by delegatecall(), violate setMerkelRoot()
Lines of code Vulnerability details Impact When delegatecall to target, the context is on Caller contract, all state change logics reflect on Caller’s storage. If the Vault contract calls the malicious contract by function execute,the important storage variable merkleRoot can be modified. Accordi...