CertiK: Rebalancer contract on Base chain suffered re-entry attack, losing more than $500,000
2024-12-10 18:19:11
On December 10, the CertiK alert system detected an exploit attack on the Rebalancer contract on the Base chain, and the attacker made 133.7 ETH, about $501,000, through the reentry vulnerability.
According to the analysis, the root cause of the vulnerability is that the open () function of the contract allows an arbitrary pool.strategy contract address to be passed in. The attacker uses this feature to enter the attack contract and reenter the operation when calling the burn function, thereby obtaining an additional 50% ETH.
According to the analysis, the root cause of the vulnerability is that the open () function of the contract allows an arbitrary pool.strategy contract address to be passed in. The attacker uses this feature to enter the attack contract and reenter the operation when calling the burn function, thereby obtaining an additional 50% ETH.
7x24 快讯
热门资讯
Vitalik:“DAO”意味着“项目”,“official”则意味着“骗局”pump.fun月收入超过Uniswap,在所有区块链中排名第四Baby Doge:已发起提案拟放弃以太坊和BNB Chain上的代币合约PayPal 稳定币 PYUSD 将上线 SolanaBitget推出3月合约排位赛,总奖池10万枚BGBBinance Labs投资孵化器第六期7个项目,包括Cellula、NFPrompt等Aevo已上线AEVO Pre-launch合约,现报价2.6美元币安未来几天将进行钱包维护,期间或出现大额转账Bithumb将停止支持Velo Protocol(VELO)交易,并将Conan(CON)指定为投资警示项目Framework Ventures过去14小时向Coinbase存入400万枚SNX富达FBTC和Valkyrie BRRR昨日净流入额均创新高Aevo上线Wormhole(W)Pre-launch合约,现报价1.79美元
