link.png

ID:

sharedstake-323

Date:

Status:

Incident Count:

June 24, 2021

Verified

2

info.png
target.png
REKT

Contributor:

chain.png

zerofriction.io

KYC By:

KYC:

None

info.png

Audit By:

Audits:

None

Loss Amount:

500,000

info.png

Recovered:

-

Rewards:

Currency:

USD, USDC, vETH2

info.png

Key Indicators

Platform:

Type:

Category:

Method:

Data Sources:

Ethereum

Protocol

Staking

Contract Vulnerabilities

Extended Method:

logic error - time lock bypass

info.png

Days in Operation:

378

(1.04 Years)

chain.png
chain.png
chain.png
chain.png
datasource.png

The Ethereum 2.0 staking solution SharedStake released an attacked report, stating that the reason the SharedStake token was minted before the official launch was due to the use of vulnerabilities in time-locked contracts (that is, smart contracts that perform certain operations at a fixed time) by internal personnel. The vulnerability was submitted to the team by the white hat Lucash-dev on April 26. Because a team member had permission to view the vulnerability, he used the vulnerability to cast a value of about 50 on the main network four times on June 19 and 23. Ten thousand USD tokens were sold and mortgaged after the official launch. Although there is not enough evidence, the core members of SharedStake suspect that it was the work of a new team member. SharedStake stated that it is currently fixing the loopholes and will manage multi-signature agreement funds in the future.

info.png

DISCLAIMER: While web3rekt has used the best efforts in aggregating and maintaining this database, this web site makes no representations or warranties with respect to the accuracy or completeness of its information and data herein, and specifically disclaim any implied warranties of merchantability or fitness for any particular purpose. 

Under no circumstances, shall web3rekt be liable for any loss of profit or funds, any regulatory or governmental penalties, any legal costs, or any other commercial and non-commercial damages, including but not limited to special, incidental, consequential, or other damages from any or all usage of the data and information derived from this database.