delegatecall() modify merkleRoot, vault may lose all
Lines of code Vulnerability details Impact If the vault contract delegatecall the malicious contract by execute,the important variable merkleRoot can be modified. If the merkleRoot is set well designed, the vault will lose all tokens. Because, there are two main requirements for function execute ...