claimAndSwap function will break on Arbitrum and Polygon if router is changed due to hardcoded DEX interfaces
Summary
A design limitation exists in both StrategyArb.sol and StrategyOp.sol where the router address can be updated via setRouter, but the claimAndSwap functions use hardcoded DEX-specific interfaces. This mismatch means that while the router address can be changed, the contracts can't actually interact with new routers that have different interfaces.
Vulnerability Details
The setRouter function allows changing the DEX router:
However, the swap functions use DEX-specific interfaces: StrategyArb.sol:
StrategyOp.sol:
The core issue is that:
The DEX interfaces are hardcoded (Ramses/Velodrome)
Different DEXs use different route parameter structures
No way to update the interface when the router changes
Impact
If management needs to change the router:
claimAndSwapwill revert due to interface mismatchStrategy won't be able to swap claimed tokens
New strategy contracts would need deployment instead of simple router updates
Core functionality breaks despite valid router address update
Tools Used
Manual Review
Recommendations
Implement a low-level call approach to make the router interaction interface-agnostic:
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.