ParaSwap, a middleware for traders and decentralized applications, encountered a critical vulnerability in its Augustus V6 contract, leading to an immediate response from the team and the crypto community. Users were urged to revoke approvals to the contract as a precautionary measure. The vulnerability was discovered shortly after the contract's launch on March 18, prompting ParaSwap to pause the V6 API on March 20 to protect users' funds. Despite these efforts, a hacker managed to exploit the vulnerability, resulting in the theft of $24K and affecting 386 addresses. To limit the damage, whitehat hackers intervened, relocating $2.7M to a secure address, 0x66E90d840D7C4F3473E25dD8ca361747058c6Db0. However, the total losses amounted to approximately $434k. The incident has sparked discussions about the risks of 'gas golfing' in smart contract development, highlighting the need to put security ahead of optimization.
Regarding the ParaSwap hack today: TL;DR: Part of the root cause is Solidity "gas golfing". ParaSwap v6 contracts are heavily gas optimised, written in assembly. Gas golfing is dangerous. For security, it's important for the smart contracts source code to "be easy to reason… https://t.co/Kv1VNyab4w
🚨 The ParaSwap team has discovered a critical vulnerability in their Augustus V6 contract:
⚪️ This led to a Whitehat action to relocate $2.7M to 0x66E90d840D7C4F3473E25dD8ca361747058c6Db0. At least ~$434k were lost due to this vulnerability.
⚪️ ParaSwap have since announced…
🚨 #ParaSwap responded to a vulnerability in their Augustus V6 contract, preventing a major loss. After launching on Mar 18, they paused the API on Mar 20 to protect users' funds. Despite their actions, a hacker managed to steal $24K. 386 addresses were affected.