Safety Considerations

Not getting REKT 101

Searchers must remember that anyone can submit bids to the FastLane Auction, and therefore anyone can attempt to call their smart contract in such a way that the msg.sender is the FastLane Auction Handler.

When the FastLane Auction Handler calls a searcher's contract's fastLaneCall function, the first argument passed is the original msg.sender of the Auction Handler's submitFlashBid function.

Regardless of whether the searcher is using a direct or proxy implementation, access and security checks must be explicitly handled by verifying that the address supplied by the fastLaneCall's first argument is properly permissioned.

Please see the next two sections for examples of these checks.

Last updated