Author

Topic: How much can the batchoverflow bug affect Ethereums smart contracts? (Read 114 times)

full member
Activity: 476
Merit: 106
Ive heard that the bug allready fixed, if not there no way poloniex and other will re enable erc20 deposit option. And there lot of people who help to manage that bug fixed before any of that token got trade at exchanger. But still there lot more vuln in smart contract we not discover yet.
newbie
Activity: 43
Merit: 0
A new bug wandering around the blockchain is creating trillions of Ethereum smart contracts and is affecting ERC20 tokens and cryptocurrency exchanges alike.  The bug dubbed as “batchOverFlow” is facilitating the creation of unlimited amount of tokens, thus making ERC20 token vulnerable to price manipulations from attackers. A  vulnerable function was located in the batchTransfer for the creation of multiple tokens in a single transfer.

The bug was first recounted  April 22nd, when 115 octodecillion Beauty Coins (BEC) were created in two transactions. At the time, BEC was trading at $0.32 per token, which makes the total dollar value of the transaction around $3.7 novemdecillion.

Then a vulnerability in the SmartMesh contract was found which allowed someone to create 10 quadrillion SMT tokens worth more than 877 trillion USD.

 
Multiple Cryptocurrency exchanges have halted or suspended the trade of ERC20 tokens within their platform until further notice. Huobi Pro was one of the first to tackle the problem, suspending deposits and withdrawal of all coins, then subsequently allowing non-ERC20 tokens to be deposited/withdrawn. Other exchanges such as Poloniex, Changelly, HitBTC followed with a similar response.

Check the rest of the article here: https://medium.com/@benchi10/cryptocurrency-exchanges-halt-erc20-token-trading-due-to-batchoverflow-bug-d56ec10976f1
Jump to: