On December 10, the CertiK alert system detected an exploit attack on the Rebalancer contract on the Base chain, and the attacker made 133.7 ETH, about $501,000, through the reentry vulnerability.
According to the analysis, the root cause of the vulnerability is that the open () function of the contract allows an arbitrary pool.strategy contract address to be passed in. The attacker uses this feature to enter the attack contract and reenter the operation when calling the burn function, thereby obtaining an additional 50% ETH.
CertiK: Rebalancer contract on Base chain suffered re-entry attack, losing more than $500,000
2024-12-10 10:19:11
Disclaimer:
1. The information provided does not constitute investment advice. Investors should make independent decisions and bear all risks themselves.
2. The copyright of this content belongs to the original author. The views expressed herein are solely those of the author and do not represent the stance or position of this website.
Next article:
博雅互动投资Web3资产管理平台BounceBit