Security Researcher: Exchange Loses $300,000 to MEV Bot Due to Misconfiguration in 0x Contract Interaction
According to Jinse Finance, a certain exchange lost approximately $300,000 in token fees to MEV bots due to a misconfiguration when interacting with 0xProject’s “swapper” contract. Venn Network security researcher and “X” user deeberiroz disclosed on Wednesday that the exchange interacted with the “swapper” smart contract of 0x, a decentralized peer-to-peer trading platform, even though this contract was never intended for token approval operations. The “swapper” contract provided by 0xProject is designed for executing token swaps. It is permissionless, allowing anyone to call it for any operation without ownership restrictions. However, it is not designed to receive token approvals, as doing so could expose funds to risk. The researcher noted that this design has previously led to known issues, such as incidents involving Zora airdrop claims on the BaseLayer2 network.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Jupiter: WET token Phase 1 sale time adjusted, allocation reduced to 4%
Animoca Brands and the crypto community jointly donate over HK$2.6 million for the Tai Po fire in Hong Kong
Data: A certain whale spent 10 million DAI to purchase 3,297 ETH
YZi Labs announces the EASY Residency Season 2 team, covering Web3, AI, and biotechnology
Trending news
MoreCrypto prices
More
