• News
  • Altcoins
  • Blockchain
  • Bitcoin
  • Ethereum
  • Cryptocurrency News
What's Hot

Professional Term Papers

May 31, 2023

Samsung Galaxy A02s SM-A025F Binary 3 Full Firmware

May 22, 2023

Sustanon 250 steroid: tutto cio che devi sapere

May 22, 2023
Facebook Twitter Instagram
Bit News Today
  • News
  • Altcoins
  • Blockchain
  • Bitcoin
  • Ethereum
  • Cryptocurrency News
Bit News Today
Home»Altcoins»Uniswap Narrowly Avoids Possible Multi-Billion Dollar Hack
Altcoins

Uniswap Narrowly Avoids Possible Multi-Billion Dollar Hack

Saheel KhirodkarBy Saheel KhirodkarJanuary 6, 2023Updated:January 6, 2023No Comments2 Mins Read
Share
Facebook Twitter LinkedIn Pinterest Email
Uniswap Liquidity Pool Hit With Phishing Attack Totaling $3.5M in Ether -  Blockworks

A bug in Uniswap has been fixed that could have cost users millions, if not billions, of dollars. By total value locked, the DEX is the largest exchange in the world, with $3.26 billion in assets under management.

The Dedaub team was the first to identify the re-entrancy error that could have resulted in the loss of user funds. They then informed the Uniswap development group. The DEX developer acknowledged the error, fixed it, and redeployed the Universal Router smart contracts across all of Polygon’s chains.

The Dedaub team has disclosed a Critical vulnerability to the Uniswap team!

Funds are safe – Uniswap addressed the issue and redeployed the Universal Router smart contracts on all its chains 👏

The vulnerability allows re-entertrancy to drain the user's funds, mid-tx.

🧵 pic.twitter.com/wFSFsohPvy

— Dedaub (@dedaub) January 2, 2023

The Dedaub team noted that this weakness was introduced as a result of Uniswap’s decision to introduce the Universal Router, which combines NFTs and ERC-20 (fungible) tokens into a single swap router. According to their analysis, malicious actors could “embed a scripting language for all kinds of token actions.”

“Such commands could include transfers to third party (potentially untrusted) recipients. In a correct implementation, such a transfer should send to the recipient only what the call parameters specify. However, if third-party code is invoked at any point in the transfer (which manifests itself due to composition of protocols), the code can reenter the Universal Router and claim any tokens temporarily in the contract.”

After Uniswap re-deployed the Universal Router and added “a re-entrancy lock to the core execution,” funds are now secure.

Because of the way transfers are handled in account-based blockchains like Ethereum, the re-entrancy attack is a common smart contracting mistake. Hackers have discovered this flaw over time and have stolen hundreds of millions of tokens.

For context, it should be noted that a re-entrancy attack was used to lock millions of ETH in the first-ever DAO in Ethereum, causing the network to split into the longer-chain Ethereum and the proof-of-work Ethereum classic.

In order to take advantage of this weakness, the attacker starts an endless loop between the weak smart contracts and their smart contract, draining the latter’s holdings of money. Once the transaction is approved from the pool, the victim cannot recover funds because smart contracts are executed on an immutable base layer.

Dedaub was awarded a $40k bounty as part of the $3 million program that Uniswap announced.

Dedaub Team DeFi Uniswap Universal Router
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Saheel Khirodkar
Saheel Khirodkar
  • Twitter
  • Pinterest
  • Instagram
  • LinkedIn

Saheel works as a content writer for Bitnewstoday. He has always been interested in journalism and enjoys writing. Furthermore, His interest lies in cryptocurrency, and is continuously seeking for new techniques to invest. In his free time, he enjoys staying up to date on the latest industry news and spending time with his family.

Related Posts

How To Create Binance Account 2023

May 15, 2023

Bitcoin’s Next Step: Integration with New Social Systems Technology to Achieve Monetary Status

January 13, 2023

Sensory Immersion Takes Over: Touch and Smell Set to Revolutionize the Metaverse at CES 2023

January 13, 2023

Kraken Announces FLR Token Distribution via Email: Details Inside

January 13, 2023
Add A Comment

Leave A Reply Cancel Reply

Latest Posts

Professional Term Papers

May 31, 2023

Samsung Galaxy A02s SM-A025F Binary 3 Full Firmware

May 22, 2023

Sustanon 250 steroid: tutto cio che devi sapere

May 22, 2023

Kentucky Driver’s License Portal

May 20, 2023
Editor's Picks

How To Create Binance Account 2023

May 15, 2023

Caneschi Andrea Scheda personale Università degli Studi di Firenze

April 27, 2023

Nevada On line casino On the web 300% Accept Plus As much $two to three,000

March 24, 2023

Online Dating Safety and How to Recognize Red Flags

February 14, 2023

Subscribe to Updates

Get the latest sports news from SportsSite about soccer, football and tennis.

Top Insights

Professional Term Papers

May 31, 2023

Samsung Galaxy A02s SM-A025F Binary 3 Full Firmware

May 22, 2023

Sustanon 250 steroid: tutto cio che devi sapere

May 22, 2023
IMPORTANT LINKS
  • DMCA
  • Editorial Policy
  • Fact-Checking Policy
  • About Us
  • Bitnews Home
  • Contact Us
  • Disclaimer
  • Our Team
  • Privacy Policy
  • Terms & Conditions
  • Write For Us
Top Insights

Professional Term Papers

May 31, 2023

Samsung Galaxy A02s SM-A025F Binary 3 Full Firmware

May 22, 2023

Sustanon 250 steroid: tutto cio che devi sapere

May 22, 2023
Get Informed

Subscribe to Updates

Get the latest creative news from FooBar about art, design and business.

Welcome to BitNewsToday, where we bring you the latest updates and insights on the world of digital currencies. Whether you’re a seasoned crypto trader or just starting to learn about this exciting and rapidly-evolving industry, we’ve got you covered.

Top Insights

Professional Term Papers

May 31, 2023

Samsung Galaxy A02s SM-A025F Binary 3 Full Firmware

May 22, 2023
Connect With Us
Follow us Google News
Facebook Instagram Pinterest LinkedIn Twitter
  • About Us
  • Contact Us
  • Disclaimer
  • DMCA
  • Editorial Policy
  • Fact-Checking Policy
  • Our Team
  • Privacy Policy
  • Terms & Conditions
  • Write For Us
© 2023 BitNewsToday

Type above and press Enter to search. Press Esc to cancel.