Key Points:
Blockchain security firm CertiK identified a KyberSwap vulnerability, specifically in the computeSwapStep() function’s implementation. This function, responsible for calculating exchange input/output amounts, fees, and sqrtP, erroneously generated a slightly larger price than the targetSqrtP due to a miscalculation in the calcFinalPrice call.
The attacker exploited this KyberSwap vulnerability by performing precise calculations within the empty scale range of the liquidity pool. By strategically utilizing cross-exchange liquidity counts, they managed to deplete KyberSwap pools containing low liquidity, leading to the successful attack.
The stolen funds, totaling $46 million, have been dispersed across various chains, including Arbitrum, Optimism, Ethereum, Polygon, and Base. Blockchain investigator “Spreek” clarified that the issue is not related to approvals but pertains to the total value locked (TVL) in Kyber’s liquidity pools.
In response to the attack, the KyberSwap team directly engaged with the hacker, offering a 10% reward, approximately $4.7 million, for the return of the stolen assets.
KyberSwap co-founder Victor Tran urged the attacker to refund 90% of the hacked amount to a specified wallet address before 06:00 AM on November 25 UTC.
DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
Kraken may drop USDT in the EU due to upcoming MiCA regulations. Other exchanges adapt,…
Rumor has it that zkSync, an Ethereum scaling solution, may drop a governance token soon.…
Oklahoma crypto bill OKHB3594 safeguards residents' rights to use and self-custody digital assets, legalizes home…
Solana tops CoinGecko, boasting highest daily transactions per second (TPS). It outperforms Ethereum and Polygon,…
Bitcoin's correlation with mainstream assets, like tech stocks, is on the rise, fueled by optimism…
The Federal High Court in Abuja has denied bail to Tigran Gambaryan, a senior Binance…
This website uses cookies.