Tutorial 57: Unsanitized SWAP Paths and Arbitrary Contract Call Vulnerabilities

In decentralized applications (dApps), the ability to route and swap assets across different tokens or protocols often requires user-provided input to define the path for a transaction. While this mechanism provides flexibility, it also introduces a significant security risk if the provided paths are not properly validated or sanitized. Unsanitized paths, which are user-controlled inputs that determine the flow of assets, can be exploited to execute arbitrary code or interact with malicious tokens and smart contracts. This vulnerability can lead to unauthorized token transfers, contract calls, or even the draining of assets from the protocol, as seen in the Li.Fi attack of 2024, where an unsanitized function allowed for arbitrary execution, leading to the loss of approximately $8 million.

In this tutorial, we will explore how unsanitized swap paths or transaction routes can lead to arbitrary contract call vulnerabilities and how to mitigate such risks by implementing proper validation and security checks.
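One way to apply such validation, shown as an added example that is not part of the original tutorial: a router that checks every step of a user-supplied path against an owner-managed allowlist of target contracts and function selectors before calling it. The contract, struct, and function names (`GuardedSwapRouter`, `SwapStep`, `allowedCall`, `setAllowedCall`) are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration; every name in this contract is hypothetical.
contract GuardedSwapRouter {
    struct SwapStep {
        address target;  // DEX or bridge contract this step calls
        bytes callData;  // encoded call, supplied by the user
    }

    address public immutable owner;
    // target contract => function selector => permitted
    mapping(address => mapping(bytes4 => bool)) public allowedCall;

    error NotOwner();
    error CallNotAllowed(address target, bytes4 selector);
    error StepFailed(uint256 index);

    constructor() {
        owner = msg.sender;
    }

    function setAllowedCall(address target, bytes4 selector, bool ok) external {
        if (msg.sender != owner) revert NotOwner();
        allowedCall[target][selector] = ok;
    }

    // Unsafe pattern this replaces: running step.target.call(step.callData)
    // with no checks, which lets the caller choose any contract and any
    // function and is how unauthorized token transfers become possible.
    function swap(SwapStep[] calldata path) external {
        for (uint256 i = 0; i < path.length; i++) {
            SwapStep calldata step = path[i];
            // Calldata shorter than a selector cannot name a function; reject it.
            if (step.callData.length < 4) revert CallNotAllowed(step.target, bytes4(0));
            bytes4 selector = bytes4(step.callData[:4]);
            // Both the destination and the function must be pre-approved.
            if (!allowedCall[step.target][selector]) {
                revert CallNotAllowed(step.target, selector);
            }
            (bool success, ) = step.target.call(step.callData);
            if (!success) revert StepFailed(i);
        }
    }
}
```

The allowlist constrains where a path can go and which function it can invoke, but not the arguments inside `callData`; recipients and amounts encoded there still need their own checks.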
