Feb 19, 2023
Auditor: Wrongly-Ordered Code Enabled $8M Platypus Attack
The recent $8 million Platypus flash loan attack was made possible due to a coding error, according to a post-mortem report from the platform’s auditor Omniscia. The auditing company stressed that the problematic code was not present in the version of the MasterPlatypusV1 contract they audited from November 21 to December 5, 2021.
The report claims that the MasterPlatypusV4 contract “contained a fatal misconception in its emergencyWithdraw mechanism,” which led it to perform its solvency check before updating the LP tokens associated with the stake position. The issue could have been prevented if the code had been re-ordered so that the solvency check was performed after the user’s amount entry had been set to zero.
The Platypus team confirmed on February 16 that the attack had exploited a “flaw in [the] USP solvency check mechanism”, but did not provide further details. This new report from the auditor sheds more light on how the attacker was able to accomplish the exploit.
The code that was exploited was found in the Avalanche C-Chain address 0xc007f27b757a782c833c568f5851ae1dfe0e6ec7, which contained a function called “isSolvent” on the PlatypusTreasure contract. The lines of code that set the user’s amount, factor and rewardDebt to zero were written after the “isSolvent” function had already been called.
The Platypus team has attempted to contact the hacker to retrieve the funds in exchange for a bug bounty. The attacker used a flashed loan to perform the exploit, similar to the strategy used in the Defrost Finance exploit on December 25, 2022.
The incident has sparked a discussion about the importance of NFT marketing and promotion, especially when it comes to crypto and web3 projects. NFT marketing and promotion can help projects reach a wider audience and create more awareness about their product. NFT marketing agencies can help projects create effective marketing campaigns that will help them reach their goals.
Twitter is a great platform for NFT promotion, as it allows projects to quickly reach their target audience. Projects can use Twitter to post updates about their product, share NFTs, and engage with their community. Twitter NFT marketing can be a powerful tool for projects looking to increase their visibility and reach a larger audience.
Selling NFTs is a great way for projects to generate revenue and increase their visibility. Many projects are now offering NFTs for sale, and many web3 agencies are helping projects create and manage their NFT sales. These agencies can help projects create and manage their NFT sales, ensuring that the sales process is secure and efficient.
The Platypus incident has highlighted the need for projects to ensure that their code is secure and well-audited. Auditing is an important step in the development process, and it is essential for projects to ensure that their code is secure and well-written. Auditing companies can help projects identify any potential issues with their code and help them create a secure and reliable product.
Disclaimer: All investment or financial opinions expressed by MoonLanding Media are not recommendations and are intended for entertainment purposes only. Do your own research prior to making any kind of investment. This article has been generated based on trending topics, has not been fact checked and may contain incorrect information. Please verify all information before relying on it.
