White Hats Defused $350 Million SushiSwap Vulnerability
As per a post
published by Ethereum decentralized exchange (DEX) SushiSwap on Monday, the research
partner at crypto-centric venture capital firm Paradigm.xyz samczsun saved $350
million worth of Ethereum from getting stolen at SushiSwap’s token fundraising
While evaluating the smart contract code for a "launchpad" for new tokens, BitDAO token sale at SushiSwap’s MISO platform potential issues with the smart contract was detected by a crypto researcher from VC firm Paradigm. After further examination, a threat was found that could lead to the hack of Ethereum by attackers. From San Francisco, Sam Sun, and his colleagues Georgios Konstantopoulos and Daniel Robinson, contacted to Sushi team giving alert about “a vulnerability” on the “Dutch auction” contract on the Miso platform. It was fixed in the platform in five hours hence there was no loss of funds. Using of MISO Dutch auction format will stop by SushiSwap until the smart contract can be updated.
Earlier hack on another platform:
One week before there was an attack detected on Poly Network for $600 million. Majority of the assets have since been returned.
What is SushiSwap?
SushiSwap is one of the most popular decentralized exchanges. Users can earn rewards by placing an array of Ethereum-based tokens into liquidity pools, which are used to facilitate trades without the need to directly connect buyers with sellers.
What is Dutch auction?
In a Dutch auction, investors place bids reflecting the maximum amount that they are willing to pay. Once the bids are collected, the highest bid is declared the winner. After the auction is finalized, unsuccessful bids are returned to their owners.
CBW - External Analyst