Imunefi Reports Dynamic.fi’s Pledge Contract Hack Due to Accounting Error
According to reports, Imunefi, a smart contract vulnerability reward platform, said on social media that dynamic. fi\’s pledge contract was hacked by 73.8 BNB, …
According to reports, Imunefi, a smart contract vulnerability reward platform, said on social media that dynamic. fi’s pledge contract was hacked by 73.8 BNB, with a value of about $22634, due to incorrect accounting treatment of the deposit function.
Dynamic.fi’s pledge contract was blacklisted 73.8 BNB
Interpretation of the news:
Imunefi, a smart contract vulnerability reward platform, issued a statement on social media reporting the hack of dynamic.fi’s pledge contract. This hack resulted in the theft of 73.8 BNB, which is equivalent to about $22634. The vulnerability that led to the hack was caused by an incorrect accounting treatment of the deposit function.
The smart contract concept is based on automatic execution of code upon contract conditions being met. Smart contracts are immutable, meaning that once they have been deployed, they cannot be modified. If a vulnerability exists, it can be exploited with disastrous consequences. The concept behind vulnerability reward platform like Imunefi is to promote secure smart contract development by incentivizing security researchers to identify vulnerabilities and report them for reward.
Dynamic.fi, a platform designed to democratize yield farming by developing trustless and decentralized tools for safe and easy crypto asset management, created a pledge mechanism that locks up users’ funds for 28 days to access certain functionality. The hack itself involved an accounting error with the deposit function that allowed a malicious user to withdraw the locked up funds.
This hacking incident highlights two important issues with smart contracts: first, human error can cause significant security vulnerabilities that can be exploited for theft; second, once a smart contract is deployed, it is immutable, which means that vulnerabilities can continue to exist indefinitely. Smart contract developers need to be aware of these issues and take appropriate measures to minimize the risk of attacks.
Imunefi deserves credit for encouraging security research by providing incentives to identify vulnerabilities before they can be exploited. Platforms like dynamic.fi will benefit greatly from this kind of input, as it can help them design and improve their smart contracts to make them more secure.
In conclusion, the hacking of dynamic.fi’s pledge contract is a reminder of the risks inherent in smart contract development. The growing number of service providers like Imunefi that incentivize security researchers to find vulnerabilities is a positive sign for the industry, as it can help to identify security issues and resolve them before they result in financial losses to investors.
This article and pictures are from the Internet and do not represent Fpips's position. If you infringe, please contact us to delete:https://www.fpips.com/2469/
It is strongly recommended that you study, review, analyze and verify the content independently, use the relevant data and content carefully, and bear all risks arising therefrom.
Recommended articles
-
Why has the price of Ugas Coin been falling? (What is Ugas Coin)
Why has the price of Ugas Coin been falling and what is the reason behind it?1.
-
Ancilia Reports Root Cause of ParaSpace Attack
According to reports from the Web3 network security company Ancilia, the root cause of the attack on the NFT lending protocol ParaSpace occurred in the scaledBalanceOf() function of the contract 0xddde38696fbe5d11497d72d8801f651642d62353, which is used to calculate the user’s collateral through the supply() function. However, manipulating the number of APE tokens in the function getPooledApeByShares() allows scaledBalanceOf() to return a large value. Users can own a large amount of collateral and use it to borrow more assets. Ancilia: The root cause of the ParaSpace attack occurred in the scaledBalanceOf() function of the 0xddde3 contract Analysis based on this information:Web3 network security firm Ancilia has reported that the root cause of the attack on the NFT lending protocol ParaSpace occurred in the scaledBalanceOf() function of the contract 0xddde38696fbe5d11497d72d8801f651642d62353 which is used to calculate users’ collateral through the supply() function. The attacker manipulated the number of APE tokens in the function getPooledApeByShares() allowing scaledBalanceOf() to return a large value. As a result, users…
-
USDT Takes the Lead as Stablecoin Market, Gathers Momentum
According to the report, the data shows that the total market value of the US dollar stable currency is US $138.5 billion at present, with USDT accounting for …
-
SpaceX’s “Starship” Set to Launch Again in 1-2 Months: Musk
According to reports, Musk tweeted that it appears that SpaceX can prepare to launch the \”Starship\” again within 1-2 months. He also explained that three months ago, the SpaceX tea
-
Two Arrested in Connection to DeFi Hack
It is reported that according to a tweet from the French police department, two people suspected of supporting the DeFi agreement Platypus have been arrested. …
-
“UACatsDivision”: Ukraine’s First National NFT Series Backed by Government Investment
According to reports, Ukrainian President Volodymyr Zelenskyy has signed the country\’s first national NFT series, which has been approved under the name \”UACatsDivision\”. It is rep
-
What is Ada Currency (What is the Currency Market of Ada)?
Ada is a digital currency based on blockchain technology, founded by Gavin Wood,
-
EVERNODE LAUNCHES HOOKS V3 TO IMPROVE THEIR SMART CONTRACT PLATFORM
It is reported that Evernode, a two-layer decentralized licensed smart contract platform based on XRP Ledger, has announced the release of Hooks V3, the latest version of the platf
-
Understanding the Opening of the A-Share Market Today
According to news, the A-share market opened with the Shanghai Composite Index at 3263.41 points, up 0.07%, the Shenzhen Composite Index at 11666.31 points, up 0.12%, and the Shenz
-
Canadian Securities Administration to Tighten Cryptocurrency Exchange Requirements
It is reported that, according to two people familiar with the plan, the Canadian Securities Administration (CSA) will tighten the requirements for the cryptoc…
-
**The Panic and Greed Index: Understanding the State of the Market**
According to reports, today\’s panic and greed index is 50 (yesterday\’s 52), and the rating is still neutral.
Today, the panic and greed index is 50, and the level is still neutral -
CEO of Galaxy Digital, Michael Novogratz, Advises Investment in Gold, Silver, and Bitcoin amidst Credit Crunch
According to reports, Michael Novogratz, founder and CEO of Galaxy Digital, said that the United States is facing a credit crunch, and now is the best time to buy gold, silver, and Bitcoin. “In an interview with CNBC, he explained, ‘The United States and the world will face a credit crunch. You should invest in gold and silver… and Bitcoin.’” Founder of Galaxy Digital: Now is the best time to buy gold, silver, and bitcoin Analysis based on this information:Founder and CEO of Galaxy Digital, Michael Novogratz, has advised investors to consider buying gold, silver and Bitcoin, given the looming credit crunch currently being faced by the United States and the world at large. In an interview with CNBC, he stated, “The United States and the world will face a credit crunch. You should invest in gold and silver… and Bitcoin.” A credit crunch can be defined as a sudden reduction in the availability of credit or a sharp increase…
-
When will Chengdao coin be withdrawn
On October 19, 2018, SorawitSuriyakarn, a Singapore blockchain startup, issued a statement saying: “I don’t hold any chengdao coins. But as a developer, miner and community leader, I believe that we will be able to obtain chengdao coins in various ways in the near future.” According to the official news, according to the provisions of Law of Singapore, SORAwenta is a Cryptocurrency exchange that is fully hosted by Swiss private banks and has a legal license. In addition, SorawartSuryakorn has also announced a project called “Digital Asset Trading Platform”. Dogecoin is a network based on Ethereum network.
-
Blur’s Loyalty Plan Causes a Significant Drop in OpenSea Wallet Addresses
According to Dune data, due to Blur\’s loyalty plan, 13600 wallet addresses have cancelled their listing on OpenSea in the past week, which is 5-6 times the pre…
-
ApeCoin DAO Launches New Proposal AIP-150 for “ApeCoin Capsules”
According to the news on February 17, ApeCoin DAO has launched a new proposal AIP-150 and launched a vote to launch the new \”ApeCoin Capsules\”, which will cont…
-
Exploring Nanjing’s New Literary Metaverse Ecological Platform
According to reports, on the evening of World Reading Day on April 23, Nanjing released the Literary Metaverse Ecological Platform – Wenshu Metaverse. On site, young teachers and s