I am looking for some help understanding a user error scenario that has been brought to my attention.
Scenario: A user sends assets to the Uniswap V3 Router smart contract by accident. The transaction is a simple send as if to a wallet, and does not invoke a swap, or any smart contract functions.
What has been observed is that it seems to be possible for another address to subsequently gain control over these assets.
Spotting and exploiting this 'feature' seems to have become a standard MEV procedure, such that assets sent to the router contract in this way are routinely 'acquired' by validators in the same block as the initial transaction.
- How is this possible? What is the specific function/code that permits reassignment/claiming of assets in this way?
- Is there a reason why this functionality exists?
- Could an improvement to the protocol be made to prevent this sort of loss?
Grateful for any insight.
Here is an example: https://community.metamask.io/t/sent-usdt-to-wrong-address-it-was-multicall-address-now-lost/18637/3