SingularityDAO has experienced an exploit on its ASI migrator smart contract, leading to significant financial losses. Developers are urging users to revoke their contract approvals.
Details of the Incident
Early this morning, an exploit was discovered in the ASI migrator smart contract of SingularityDAO. This exploit involves the 'Approve' function, posing a risk of financial loss for past interactions with the ASI migrator as it required an unlimited allowance.
Security Response
Security firm PeckShield reported that a bug in the migrator contract has led to losses exceeding $37 million. ASI developers later confirmed the exploit. DefiLlama developer @0xngmi, who is pseudonymous, warned that the exploit seems to affect both past and future transactions on the contract.
User Recommendations
SingularityDAO security head engineer Ahmed Ali advised users to revoke permissions related to the involved contracts as a security measure. He added that the team is working with security teams to mitigate the issue.
Efforts to address the vulnerability and minimize losses are ongoing. Users are advised to promptly check and revoke all approvals to prevent potential losses.
