A team of investigators has spotted a vulnerability and a way to exploit Gas Token, an asset conceived as a way to tokenize Ethereum gas. The vulnerability falls within the spectrum of smart contract flaws, and may allow for the creation of unlimited amounts of Gas Token. The danger will mostly affect exchanges, and not separate users.
The Level K group of researchers noticed the vulnerability could be exploited in the event of withdrawing ETH from exchanges.
“Many exchanges allow the withdrawal of Ethereum to arbitrary addresses with no gas usage limit. Since sending Ethereum to a contract address executes its fallback function, attackers can make these exchanges pay for arbitrary computation. This...
This article appeared first on Cryptovest