NFT lending protocol

According to reports from the Web3 network security company Ancilia, the root cause of the attack on the NFT lending protocol ParaSpace occurred in the scaledBalanceOf() function of the contract 0xddde38696fbe5d11497d72d8801f651642d62353, which is used to calculate the user’s collateral through the supply() function. However, manipulating the number of APE tokens in the function getPooledApeByShares() allows scaledBalanceOf() to return a large value. Users can own a large amount of collateral and use it to borrow more assets. Ancilia: The root cause of the ParaSpace attack occurred in the scaledBalanceOf() function of the 0xddde3 contract Analysis based on this information:Web3 network security firm Ancilia has reported that the root cause of the attack on the NFT lending protocol ParaSpace occurred in the scaledBalanceOf() function of the contract 0xddde38696fbe5d11497d72d8801f651642d62353 which is used to calculate users’ collateral through the supply() function. The attacker manipulated the number of APE tokens in the function getPooledApeByShares() allowing scaledBalanceOf() to return a large value. As a result, users…