Acquista Criptovalute
Paga con
USD
USD
Buy & Sell
Hot
Supports Visa, MasterCard, SEPA & more
P2P
0 Fees
Flexible trading, zero fees
Gate Card
Use your crypto for payments worldwide
Mercati
Trading
Basic
Advanced
Futures
Futures
Access hundreds of perpetual contracts
TradFi
Gold
One platform for global traditional assets
Opzioni
Hot
Trade European-style Vanilla Options
Conto unificato
Massimizza l'efficienza del tuo capitale
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
Guadagna
Lancia
CandyDrop
tag
Raccogli le caramelle per guadagnare airdrop
Launchpool
Staking rapido, guadagna potenziali nuovi token
HODLer Airdrop
Fai holding GT e ottieni enormi airdrop gratuitamente
Launchpad
Sii tra i primi per il prossimo grande progetto
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
Investimento
Square
Square
Post, share, and explore crypto trends
Live
moments live
Live crypto market analysis
Chat
Chat with crypto traders
News
What is happening in crypto
flower_head
Altro
Promozioni
AI
Altro
TradFi
Rewards

Bunni指出智能合约舍入误差是造成840万美元闪电贷漏洞的原因

GateNews

PANews 9月5日消息,据The Block报道,去中心化交易所Bunni于周二发布了一份关于漏洞攻击事件的复盘报告,此次攻击导致其损失840万美元。报告指出,此次攻击影响了两个交易池——Unichain上的weETH/ETH交易对,以及以太坊主网上的USDC/USDT交易对。漏洞源自智能合约中更新闲置余额时采用的舍入方向存在问题,该问题出现在用户提现环节。攻击者利用这一错误发起了闪电贷攻击,操纵了交易池的价格和流动性。 首先,攻击者通过闪电贷借入300万枚USDT,并进行多次代币交换以操纵价格,将可用USDC减少至仅28 wei。随后,攻击者利用44次小额提现的舍入误差,进一步耗尽USDC余额,导致交易池总流动性大幅下降。最后,攻击者执行了一笔大额代币交换以抬高价格刻度,随后以操纵后的价格进行反向交换。Bunni表示所有舍入操作单独检验均安全,但组合操作形成漏洞。目前已更新舍入代码并恢复跨链提款,但存款、交换等功能仍暂停。平台正与执法部门合作追踪转入Tornado Cash的资金,并向攻击者提供10%资金作为返还赏金。后续将完善测试框架以确保全面安全恢复。

Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to Disclaimer.
Commento
0/400
Nessun commento