A critical access control bug in SuperRare’s staking contract — easily detectable by unit tests or even ChatGPT — allowed an attacker to steal $731,000 in RARE tokens.
NFT trading platform SuperRare suffered a $730,000 exploit on Monday due to a basic smart contract bug that experts say could have easily been prevented with standard testing practices.
SuperRare’s (RARE) staking contract was exploited on Monday with around $731,000 worth of RARE tokens stolen, according to crypto cybersecurity firm Cyvers.
The vulnerability stems from a function meant to allow only specific addresses to modify the Merkle root, a critical data structure that determines user staking balances. However, the logic was mistakenly written to allow any address to interact with the function.
You can get bonuses upto $100 FREE BONUS when you:
💰 Install these recommended apps:
💲 SocialGood - 100% Crypto Back on Everyday Shopping
💲 xPortal - The DeFi For The Next Billion
💲 CryptoTab Browser - Lightweight, fast, and ready to mine!
💰 Register on these recommended exchanges:
🟡 Binance🟡 Bitfinex🟡 Bitmart🟡 Bittrex🟡 Bitget
🟡 CoinEx🟡 Crypto.com🟡 Gate.io🟡 Huobi🟡 Kucoin.
Comments