From cde8781752881ea7ab18c847d21be45d5b720510 Mon Sep 17 00:00:00 2001
From: Simon Dosch <sdosch@polygon.technology>
Date: Fri, 8 Dec 2023 15:26:57 +0100
Subject: [PATCH] add disclaimer and link

---
 contracts/common/ContextMixin.sol          | 8 ++++++++
 contracts/common/NativeMetaTransaction.sol | 8 ++++++++
 2 files changed, 16 insertions(+)

diff --git a/contracts/common/ContextMixin.sol b/contracts/common/ContextMixin.sol
index e544486d..13c8ff95 100644
--- a/contracts/common/ContextMixin.sol
+++ b/contracts/common/ContextMixin.sol
@@ -1,5 +1,13 @@
 pragma solidity 0.6.6;
 
+/**
+ * @notice DISCLAIMER:
+ * Do not use NativeMetaTransaction and ContextMixin together with OpenZeppelin's "multicall"
+ * nor any other form of self delegatecall!
+ * Risk of address spoofing attacks.
+ * Read more: https://blog.openzeppelin.com/arbitrary-address-spoofing-vulnerability-erc2771context-multicall-public-disclosure
+ */
+
 abstract contract ContextMixin {
     function msgSender()
         internal
diff --git a/contracts/common/NativeMetaTransaction.sol b/contracts/common/NativeMetaTransaction.sol
index ccde1fb5..0b93f68a 100644
--- a/contracts/common/NativeMetaTransaction.sol
+++ b/contracts/common/NativeMetaTransaction.sol
@@ -1,5 +1,13 @@
 pragma solidity 0.6.6;
 
+/**
+ * @notice DISCLAIMER:
+ * Do not use NativeMetaTransaction and ContextMixin together with OpenZeppelin's "multicall"
+ * nor any other form of self delegatecall!
+ * Risk of address spoofing attacks.
+ * Read more: https://blog.openzeppelin.com/arbitrary-address-spoofing-vulnerability-erc2771context-multicall-public-disclosure
+ */
+
 import {SafeMath} from "@openzeppelin/contracts/math/SafeMath.sol";
 import {EIP712Base} from "./EIP712Base.sol";