This instruction is susceptible to frontrunning that could result in loss of funds if not handled properly.
An attack could look like:
A legitimate user opens a new distributor.
Someone observes the call to this instruction.
They replace the clawback_receiver, admin, or time parameters with their own.
One situation that could happen here is the attacker replaces the admin and clawback_receiver with their own
and sets the clawback_start_ts with the minimal time allowed. After clawback_start_ts has elapsed,
the attacker can steal all funds from the distributor to their own clawback_receiver account.
HOW TO AVOID:
When you call into this instruction, ensure your transaction succeeds.
To be extra safe, after your transaction succeeds, read back the state of the created MerkleDistributor account and
assert the parameters are what you expect, most importantly the clawback_receiver and admin.
If your transaction fails, double check the value on-chain matches what you expect.
READ THE FOLLOWING:
This instruction is susceptible to frontrunning that could result in loss of funds if not handled properly.
An attack could look like:
One situation that could happen here is the attacker replaces the admin and clawback_receiver with their own and sets the clawback_start_ts with the minimal time allowed. After clawback_start_ts has elapsed, the attacker can steal all funds from the distributor to their own clawback_receiver account.
HOW TO AVOID: