Skip to content

Commit

Permalink
Merge pull request #172 from maticnetwork/spoofing-disclaimer
Browse files Browse the repository at this point in the history
add disclaimer for spoofing attack
  • Loading branch information
simonDos authored Dec 8, 2023
2 parents ece4e54 + cde8781 commit d6c2118
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 0 deletions.
8 changes: 8 additions & 0 deletions contracts/common/ContextMixin.sol
Original file line number Diff line number Diff line change
@@ -1,5 +1,13 @@
pragma solidity 0.6.6;

/**
* @notice DISCLAIMER:
* Do not use NativeMetaTransaction and ContextMixin together with OpenZeppelin's "multicall"
* nor any other form of self delegatecall!
* Risk of address spoofing attacks.
* Read more: https://blog.openzeppelin.com/arbitrary-address-spoofing-vulnerability-erc2771context-multicall-public-disclosure
*/

abstract contract ContextMixin {
function msgSender()
internal
Expand Down
8 changes: 8 additions & 0 deletions contracts/common/NativeMetaTransaction.sol
Original file line number Diff line number Diff line change
@@ -1,5 +1,13 @@
pragma solidity 0.6.6;

/**
* @notice DISCLAIMER:
* Do not use NativeMetaTransaction and ContextMixin together with OpenZeppelin's "multicall"
* nor any other form of self delegatecall!
* Risk of address spoofing attacks.
* Read more: https://blog.openzeppelin.com/arbitrary-address-spoofing-vulnerability-erc2771context-multicall-public-disclosure
*/

import {SafeMath} from "@openzeppelin/contracts/math/SafeMath.sol";
import {EIP712Base} from "./EIP712Base.sol";

Expand Down

0 comments on commit d6c2118

Please sign in to comment.