Safety Considerations
Not getting REKT 101
Searchers must remember that anyone can submit bids to the FastLane Auction, and therefore anyone can attempt to call their smart contract in such a way that the msg.sender
is the FastLane Auction Handler.
When the FastLane Auction Handler calls a searcher's contract's fastLaneCall
function, the first argument passed is the original msg.sender
of the Auction Handler's submitFlashBid
function.
Regardless of whether the searcher is using a direct or proxy implementation, access and security checks must be explicitly handled by verifying that the address supplied by the fastLaneCall
's first argument is properly permissioned.
Please see the next two sections for examples of these checks.
Last updated