The Fee contract swaps the funds it holds to WETH and then deposits the WETH in the Staking contract as incentives.
But since the slippage is 0 during the swap, anyone can steal all the funds through a sandwich or JIT attack, and no WETH will be credited as a reward to the staking contract.
Anyone can call sellProfits, so an attacker does not need to watch the mempool and can trigger the swap themselves.
A malicious user pushes the tick in the Uniswap V3 pool to a high level and then lets the swap go through as part of a sandwich or JIT attack. Because the minimum WETH received can be 0, the swap does not revert at the manipulated price. The attacker then restores the tick in the pool to the market price and ends up with almost all the tokens of the swap.
A malicious user can steal all the tokens in the Fee contract, the staking contract will not be incentivized, and no users will want to stake.
Manual review
Enforce a fixed percentage slippage on the swap, or let the owner manage the slippage setting.
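One way to apply this recommendation, as an added example that is not the audited project's code: an owner-managed slippage bound in basis points, capped by a constant, is applied to a reference quote and passed as `amountOutMinimum` to the Uniswap V3 router. The contract name, the `sellProfits` signature, the `IPriceReference` oracle and the 1% / 5% values are assumptions; the reference price is assumed to come from a source that a single transaction cannot move, such as a TWAP.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
// Added example, not the audited project's code. All names below are hypothetical.
interface IERC20 {
    function balanceOf(address account) external view returns (uint256);
    function approve(address spender, uint256 amount) external returns (bool);
}
// Subset of the Uniswap V3 SwapRouter interface (exactInputSingle only).
interface ISwapRouter {
    struct ExactInputSingleParams {
        address tokenIn; address tokenOut; uint24 fee; address recipient;
        uint256 deadline; uint256 amountIn; uint256 amountOutMinimum; uint160 sqrtPriceLimitX96;
    }
    function exactInputSingle(ExactInputSingleParams calldata params) external payable returns (uint256 amountOut);
}
// Hypothetical manipulation-resistant price source (for example a TWAP), assumed to exist.
interface IPriceReference {
    function quoteInWeth(address token, uint256 amountIn) external view returns (uint256);
}

contract FeeSwapSketch {
    uint256 public constant BPS = 10_000;
    uint256 public constant MAX_SLIPPAGE_BPS = 500; // hard cap: owner cannot exceed 5%
    address public immutable owner;
    address public immutable weth;
    address public immutable staking;
    ISwapRouter public immutable router;
    IPriceReference public immutable priceRef;
    uint256 public slippageBps = 100; // 1% default, owner-adjustable below the cap

    constructor(address _weth, address _staking, ISwapRouter _router, IPriceReference _ref) {
        owner = msg.sender; weth = _weth; staking = _staking; router = _router; priceRef = _ref;
    }
    function setSlippageBps(uint256 bps) external {
        require(msg.sender == owner, "not owner");
        require(bps <= MAX_SLIPPAGE_BPS, "slippage too high");
        slippageBps = bps;
    }
    // Still callable by anyone: the bound comes from contract state, never from the caller.
    function sellProfits(address token, uint24 poolFee) external returns (uint256 out) {
        uint256 amountIn = IERC20(token).balanceOf(address(this));
        uint256 minOut = priceRef.quoteInWeth(token, amountIn) * (BPS - slippageBps) / BPS;
        require(minOut > 0, "no reference price");
        IERC20(token).approve(address(router), amountIn);
        // Field order follows the struct; sending WETH straight to staking is a simplification.
        out = router.exactInputSingle(ISwapRouter.ExactInputSingleParams(
            token, weth, poolFee, staking, block.timestamp, amountIn, minOut, 0));
    }
}
```

With a non-zero `amountOutMinimum`, the router reverts the swap when the pool price has been pushed away from the reference price by more than the configured bound.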