SmartContractSecurity/SWC-registry

Add gas siphoning attack

Closed this issue · 2 comments

Does this belong in the SWC?

https://medium.com/level-k/public-disclosure-malicious-gastoken-minting-236b2f8ace38

It's not something that can be mitigated within a contract; the issue affects exchanges that include too high a gas limit with an ETH transfer.

I see that this was started and stalled in #140.
It's not really a vuln at the contract layer, because it affects any situation in which a call is made to an arbitrary address.
The issue is with gas estimation in wallet code.

So, after chatting with @b-mueller, I think this is out of scope.

I guess as long as you can express an issue with a code sample, it belongs in the SWC. If it's something that only relates to wallets, then it doesn't.