Saturday, September 24, 2022

SushiSwap Heist Defused By White Hats

Paradigm and its associates may well have prevented the loss of around $350 million worth of Ether from Miso, SushiSwap’s platform. The group, drawn from the cryptocurrency community, was led by Sam Sun, the research partner of Paradigm, and managed to discover and subsequently fix a bug on the platform in just under 5 hours. Thanks to this collective effort, the project has claimed that no funds were lost.

This is according to a post published by SushiSwap on Monday, in which it said that Sam Sun and his colleagues, Daniel Robinson and Georgios Konstantopoulos, reached out to Sushi’s R&D team to make them aware of a vulnerability in the auction contract on Miso.

It is to be noted that all the members of this rescue party hail from San Francisco. Also, in a Dutch auction, most investors simply place bids that reflect the maximum amount they are willing to pay. Once these bids are dealt with, the highest bid is declared the definitive winner.

The vulnerability of SushiSwap’s Miso

Both Paradigm and the SushiSwap team identified that the reported vulnerability centered on the ability to batch multiple calls to commitEth while reusing a single msg.value across every commitment made during the auction, thereby allowing a hacker to bid in the auction for free.

The SushiSwap team mentioned that combining batch with commitEth created a two-pronged issue: any user could put up a commitment higher than the msg.value, which would drain any unsold tokens as well as the raised funds on the contract.
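
The accounting failure described above can be shown in a small Python model; this is an added example, not SushiSwap's or Paradigm's code. The AuctionModel class, the per-transaction unspent counter and the guard are assumptions made for illustration, and the guard is one possible mitigation, not the fix that was deployed.

```python
"""Simplified accounting model of the batch + commitEth interaction (constructed)."""

class ValueReused(Exception):
    """Batched calls tried to credit more ETH than the transaction carried."""

class AuctionModel:
    def __init__(self, guarded: bool):
        self.guarded = guarded
        self.balance = 0        # ETH the contract actually holds
        self.commitments = {}   # ETH credited to each bidder
        self._unspent = 0       # share of msg.value not yet credited (guard only)

    def _commit_eth(self, sender: str, msg_value: int) -> None:
        # Inside a batch, every inner call observes the same msg.value.
        if self.guarded:
            if msg_value > self._unspent:
                raise ValueReused("msg.value already consumed in this transaction")
            self._unspent -= msg_value
        self.commitments[sender] = self.commitments.get(sender, 0) + msg_value

    def batch(self, sender: str, msg_value: int, n_calls: int) -> None:
        # A transaction is all-or-nothing, so keep a snapshot to model a revert.
        snapshot = (self.balance, dict(self.commitments))
        self.balance += msg_value   # ETH arrives once per transaction
        self._unspent = msg_value
        try:
            for _ in range(n_calls):
                self._commit_eth(sender, msg_value)
        except ValueReused:
            self.balance, self.commitments = snapshot
            raise

    def solvent(self) -> bool:
        # Invariant to monitor: credited commitments never exceed ETH held.
        return sum(self.commitments.values()) <= self.balance

def run(guarded: bool, n_calls: int):
    """Return (balance, total credited, invariant holds, transaction reverted)."""
    auction = AuctionModel(guarded)
    try:
        auction.batch("bidder", 1, n_calls)
        reverted = False
    except ValueReused:
        reverted = True
    return auction.balance, sum(auction.commitments.values()), auction.solvent(), reverted

if __name__ == "__main__":
    print("unguarded:", run(False, 3))
    print("guarded:  ", run(True, 3))
```

The solvent() check is the invariant worth asserting in tests or monitoring for any contract that combines a batching helper with payable functions.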

