Security Researcher: Exchange Loses $300,000 to MEV Bot Due to Misconfiguration in 0x Contract Interaction
According to Jinse Finance, a certain exchange lost approximately $300,000 in token fees to MEV bots due to a misconfiguration when interacting with 0xProject’s “swapper” contract. Venn Network security researcher and “X” user deeberiroz disclosed on Wednesday that the exchange interacted with the “swapper” smart contract of 0x, a decentralized peer-to-peer trading platform, even though this contract was never intended for token approval operations. The “swapper” contract provided by 0xProject is designed for executing token swaps. It is permissionless, allowing anyone to call it for any operation without ownership restrictions. However, it is not designed to receive token approvals, as doing so could expose funds to risk. The researcher noted that this design has previously led to known issues, such as incidents involving Zora airdrop claims on the BaseLayer2 network.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Decentralized RWA infrastructure project Infinite Galaxy Protocol officially launches Genesis Node sale
HyperLiquid co-founder: No external fundraising has been conducted, so there are no investor HYPE token unlocks
Santiment: Stablecoin yields decline, Ethereum may soon return to the $3,200 level
Data: Ethereum staking rate reaches 28.65%, Lido market share at 24.12%
Trending news
MoreCrypto prices
More
