
linea-park Exploiting vulnerabilities to obtain LXP

Open 0x0James opened this issue 1 year ago • 0 comments

To explain: I accidentally discovered that all tasks of holding an NFT can be completed by authorizing the NFT contract to the NFT trading platform.

The following uses Yuliverse as an example.

The Yuliverse task has been completed by 535699 addresses, but the NFT contract has only 420073 holder addresses. Why are there 100,000 more addresses? After my observation, I found that they can complete the task by calling the contract to authorize the NFT to the Element trading platform, and this is a large studio robot with a large number of addresses that automatically performs these operations every minute.


I randomly clicked on some addresses for authorization interaction and found that these addresses all belong to the same owner, and their behavior paths are consistent. This is a major studio exploiting a vulnerability to complete the mission to gain LXP. This is very unfair to ordinary users.

I hope the team bans these addresses in LXP and fixes this vulnerability.

0x0James avatar Mar 28 '24 08:03 0x0James
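
An added example, not part of the original issue or of any Linea code: an audit that replays ERC-721 `Transfer` and `ApprovalForAll` events and sorts task-completing addresses into current holders, former holders, and addresses that only ever granted the marketplace approval. The addresses, the `MARKETPLACE` placeholder and the log layout are constructed assumptions.

```python
# Constructed sample data: every address, the operator placeholder and the
# log layout are assumptions for illustration, not values from the issue.
ZERO = "0x0"               # mint/burn counterparty in ERC-721 Transfer events
MARKETPLACE = "0xMARKET"   # placeholder for the trading platform's operator address

LOGS = [
    {"event": "Transfer", "from": ZERO, "to": "0xA1", "tokenId": 1},
    {"event": "Transfer", "from": ZERO, "to": "0xB2", "tokenId": 2},
    {"event": "Transfer", "from": "0xB2", "to": "0xC3", "tokenId": 2},
    {"event": "ApprovalForAll", "owner": "0xA1", "operator": MARKETPLACE, "approved": True},
    {"event": "ApprovalForAll", "owner": "0xD4", "operator": MARKETPLACE, "approved": True},
    {"event": "ApprovalForAll", "owner": "0xE5", "operator": MARKETPLACE, "approved": True},
    {"event": "ApprovalForAll", "owner": "0xE5", "operator": MARKETPLACE, "approved": False},
]
# Addresses the campaign recorded as having completed the "hold the NFT" task.
COMPLETED = ["0xA1", "0xB2", "0xC3", "0xD4", "0xE5", "0xF6"]


def ownership(logs):
    """Replay Transfer events; return (current holders, everyone who ever held)."""
    owner_of, ever = {}, set()
    for log in logs:
        if log["event"] == "Transfer":
            owner_of[log["tokenId"]] = log["to"]
            ever.add(log["to"])
    return set(owner_of.values()) - {ZERO}, ever - {ZERO}


def approvers(logs, operator):
    """Addresses that ever emitted ApprovalForAll(operator, true).
    setApprovalForAll does not require the caller to own any token."""
    return {l["owner"] for l in logs if l["event"] == "ApprovalForAll"
            and l["operator"] == operator and l["approved"]}


def audit(completed, logs, operator):
    """Classify each completer by the strongest on-chain evidence found."""
    now, ever = ownership(logs)
    approved = approvers(logs, operator)
    report = {"holder_now": [], "held_before": [], "approval_only": [], "unexplained": []}
    for addr in completed:
        key = ("holder_now" if addr in now else "held_before" if addr in ever
               else "approval_only" if addr in approved else "unexplained")
        report[key].append(addr)
    return report


if __name__ == "__main__":
    for bucket, addrs in audit(COMPLETED, LOGS, MARKETPLACE).items():
        print(bucket, addrs)
```

The `held_before` bucket matters when reading a gap between completers and current holders: an address that held the NFT and later transferred it away is not evidence of the approval-only path.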