CVE-2021-3006 (Loopring(LRC) Protocol Incident)- If you are passionate about cryptocurrency. You should be alert of this. (4th Jan 2021)

Background: In November 2020, lots of DeFi platforms in Ethereum encounters a security incident, such as Pickle Finance, 88mph.

What Is Decentralized Finance (DeFi)?
By deploying immutable smart contracts on Ethereum, DeFi developers can launch financial protocols and platforms that run exactly as programmed and that are available to anyone with an Internet connection.

What Are Flash Loans in DeFi?
A loan from strangers is possible in DeFi. In order to fulfill this request. The individuals should repay the lender in the same transaction that issued the funds.

Vulnerability details: The Farm contract is deployed in every Seal pool and the function breed() in the contract is used to issue new Seal tokens.However there is no access control designed for the breed() function, anyone can calls the breed() function of the Farm contract.

CVE-2021-3006 Detail – https://nvd.nist.gov/vuln/detail/CVE-2021-3006

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.