Feb 18, 2023
$8m Platypus Attack Caused by Code Misorder: Report
The recent $8 million Platypus flash loan attack has been attributed to a coding error in the Platypus MasterPlatypusV4 contract. According to a post-mortem report from Platypus auditor Omniscia, the code had the necessary elements to prevent the attack, but the elements were in the wrong order.
The report stated that the emergencyWithdraw mechanism of the contract contained a “fatal misconception” which allowed the attack to occur. The code should have performed a solvency check after the user’s amount entry was set to zero, but instead it was performed before.
Omniscia audited a version of the contract from November 21 to December 5, 2021, but this version did not contain the misordered lines of code. This implies that the developers must have deployed a new version of the contract after the audit was made.
The Platypus team confirmed that the attack occurred due to a flaw in the USP solvency check mechanism. The auditor’s report sheds further light on how the attacker may have been able to accomplish the exploit. The attacker used flashed loans to perform the exploit, which is similar to the strategy used in the Defrost Finance exploit of December 25.
The Platypus team is attempting to contact the hacker and get the funds returned in exchange for a bug bounty. The team is also exploring other ways to recover the funds, such as NFT marketing and promotion.
NFT marketing and promotion is becoming increasingly popular in the crypto and web3 space. It is a great way to promote NFTs and gain exposure for projects. Companies are now hiring NFT marketing agencies to help them market their NFTs and reach a wider audience.
Twitter is also a great platform for NFT marketing. Companies can use Twitter to promote their NFTs, engage with their community, and build relationships with potential buyers.
Selling NFTs is also becoming more popular. Companies are now offering NFTs for sale on various platforms, such as OpenSea and Rarible. These platforms make it easy for buyers to find and purchase NFTs.
Overall, the Platypus flash loan attack has highlighted the importance of code security and proper auditing. Companies should ensure that their code is secure and that they are using the latest version of their contracts. They should also use reputable auditing companies to audit their code. Finally, they should explore NFT marketing and promotion strategies to help them recover lost funds and promote their projects.
Disclaimer: All investment or financial opinions expressed by MoonLanding Media are not recommendations and are intended for entertainment purposes only. Do your own research prior to making any kind of investment. This article has been generated based on trending topics, has not been fact checked and may contain incorrect information. Please verify all information before relying on it.
