Web3 is Going Just Great

...and is definitely not an enormous grift that's pouring lighter fluid on our already smoldering planet.

Created by Molly White. Subscribe to her newsletter for weekly recaps.

The Idols NFT loses $324,000 to exploit

An illustration of a young-looking human wearing silver armor and a blue toga, with a silver tiara, long brown hair, and blue markings on their faceIdol #1295 (attribution)
An attacker noticed a vulnerability in a smart contract for The Idols, an NFT project that also incorporates ETH staking functionality. They discovered that a function used to distribute rewards had a bug when the sender and recipient addresses were the same, allowing a holder to repeatedly claim rewards. By taking advantage of this bug, they were able to siphon 97 stETH (~$324,000) from the project.

Although The Idols boasts of two audits from several years ago, the contract containing the vulnerability may not have been audited.

Theme tags: Hack or scam
Blockchain tags: Blockchain: Ethereum
Tech tags: NFT