MALICIOUS USER CAN CALL THE FlywheelBribeRewards.setRewardsDepot() FUNCTION INDEFINITELY TO PUSH ethereum INTO STATE BLOAT
Lines of code Vulnerability details Impact The FlywheelBribeRewards.setRewardsDepot function is an external permissionless function. Any malicious user can create as many ERC20 compatible contracts as possible and can call this function to set themselves as strategies in the...