1. Home
    2. /DEX Protocol, Bancor Network Could Have Lost $455,349 in Latest Security Vulnerability For The Third Time

    DEX Protocol, Bancor Network Could Have Lost $455,349 in Latest Security Vulnerability For The Third Time

    Ethereum-based DEX Protocol, Bancor Network reported Wednesday that it discovered a security vulnerability in a version of its smart contract deployed two days ago. Approximately $455,349 worth of customer funds were put at risk but, but the team acted quickly to move the funds to a safe wallet and rolled out an update to prevent ... Read more

    Updated Apr 24, 2024
    Wilfred Michael

    Author by

    Wilfred Michael

    DEX Protocol, Bancor Network Could Have Lost $455,349 in Latest Security Vulnerability For The Third Time

    Ethereum-based DEX Protocol, Bancor Network reported Wednesday that it discovered a security vulnerability in a version of its smart contract deployed two days ago. Approximately $455,349 worth of customer funds were put at risk but, but the team acted quickly to move the funds to a safe wallet and rolled out an update to prevent such occurrence in the future.

    In a more detailed blog post published after the incident, Bancor explained that the “v0.6 contracts mistakenly made a safeTransferFrom function in the BancorNetwork contract public.”

    “Exchange smart contracts like Bancor’s use allowance to interact with user wallets. This is a common practice used by most DAPPs. But in this case, a private function that should have been restricted to the contract alone was made public. This essentially allowed anyone to transfer tokens which were approved only for the contract to transfer,” the team added.

    Bancor initiated a white hack attack to remedy the situation, and reported in the current update that “Trading within the system is now back to normal.”

    Notably, this is not the first time that the Bancor Network has reported security vulnerability. The project lost $13.5 million worth of user funds to a hack in 2018 and suffered another $23 million hack last year. The latest incident is the only one in which the protocol didn’t lose user funds, a development that is fast becoming the norm for decentralized protocols.

    In February, bZx, a decentralized finance (DeFi) lending protocol provider lost approximately $940,000 worth of ETH to hackers in a security exploitation. Similarly, Fulcrum lost $360,000 in ETH to a protocol manipulation by an unidentified attacker.