• Dapps: 16.23K
  • Blockchains: 78
  • Active users: 66.47M
  • 30d volume: $303.26B
  • 30d transactions: $879.24M

Across Protocol Vulnerability Exposed by LayerZero CEO

by

2 hours ago

Bryan Pellegrino, CEO of LayerZero, has unveiled a critical vulnerability in the token contract of Across Protocol, putting user wallet security at risk.

Vulnerability Disclosure

Pellegrino disclosed the vulnerability via social media, warning it could allow malicious actions such as token destruction and balance manipulation across user wallets. The issue arises from a function that was intended to be private but was inadvertently made public in the contract.

The flaw comes from OpenZeppelin’s ERC20 token implementation, allowing the contract owner to destroy tokens or empty wallets, reducing any account balance to zero.Bryan Pellegrino

Unlimited Token Minting Flaw

In addition to the aforementioned flaw, Pellegrino identified a separate issue in both the Across and UMA Protocol contracts that could allow unlimited token minting. This could lead to significant consequences for the protocols’ token economies, including serious market manipulation or loss of trust.

Suggestions for Resolution

To mitigate risks without reprinting tokens, Pellegrino suggested transferring ownership of the vulnerable token contract to a new smart contract. This new contract should ensure security by eliminating overprinting and token destruction capabilities. Pellegrino emphasized that the new contract should be immutable, with limited ownership transfer to guarantee long-term protection.

The revelation of vulnerabilities in Across and UMA Protocols highlights the necessity of robust smart contract security. Timely response and security enhancements should be a priority for every project.

0

Share

Other news

Crypto Trends: Choose the Top 5 Altcoins

October brings new opportunities for altcoins set to show growth by 2025.

5 minutes ago

Bitcoin Holder Makes Whale-Sized Investment in Rexas Finance (RXS) After CoinMarketCap Listing

Bitcoin holder returns after 11 years and invests in Rexas Finance (RXS) following CoinMarketCap listing.

7 minutes ago

Crypto Money Mule Scams: What They Are and How to Protect Yourself

Learn how crypto money mule scams work and the measures to take for protection.

7 minutes ago

XRP Price Analysis: Potential and Barriers

XRP prices have been stuck in a narrow range while investors await a potential price jump. Current trends overview.

8 minutes ago

NEIRO debuts on OKX: anticipated listing and trading details

Memecoin NEIRO gets listed on OKX, opening trading opportunities and potential growth.

10 minutes ago

UTONIC Protocol Initiates Events to Enhance Restaking on TON

UTONIC Protocol launches upcoming events to increase yield on Open Network and TON, enhancing ecosystem security.

11 minutes ago

dapp expert logo
© 2020. DappExpert. All rights reserved.
© 2020. DappExpert. All rights reserved.

Important disclaimer: The information presented on the Dapp.Expert portal is intended solely for informational purposes and does not constitute an investment recommendation or a guide to action in the field of cryptocurrencies. The Dapp.Expert team is not responsible for any potential losses or missed profits associated with the use of materials published on the site. Before making investment decisions in cryptocurrencies, we recommend consulting a qualified financial advisor.