Link to Issue: code-423n4/2023-03-asymmetry-findings#673
Even though the contest repository (https://github.com/code-423n4/2023-05-asymmetry-mitigation-contest revision 431a4b751fb7e184b847a41509b97e4d67971d2f) doesn't mention a changeset for M-09, I assume the corresponding pull request is the following https://github.com/asymmetryfinance/smart-contracts/pull/228/files
Issue M-09 mentions that the current pool (Uniswap) used to swap rETH isn't ideal as it doesn't provide the best liquidity available. In the associated mitigation, Uniswap has been replaced to use RocketSwapRouter, as per the warden recommendation in the report for M-09.
The sponsor followed the recommendation in the report, however, the implementation has hardcoded the parameters that control swap portions for the different pools to use only Balancer. This is not ideal, as a large swap amount may benefit from splitting the operation through different pools. This is also mentioned in the original report by the author:
RocketSwapRouter.sol automatically determines the best way to split the swap between Balancer and Uniswap pools.
For a more detailed explanation, see my concerns expressed in MR for M-04 regarding how RocketSwapRouter has been implemented.