White Hat Rescue Operation Saved SushiSwap (SUSHI) from Losing $350 Million

Published on: 18.08.2021

SushiSwap, a decentralized exchange, was saved from joining the long list of hacked DeFi platforms after a white hat discovered an exploit and prevented a potential $350 million theft. 

SushiSwap Rescued from Being Hack Victim

Samczsun, a research partner at venture capital firm Paradigm, prevented SushiSwap’s MISO platform from losing $350 million worth of ETH. MISO is SushiSwap’s launchpad platform for new tokens.

The BitDAO token sale, which was auctioned on MISO earlier, went off without a hitch. The auction raised more than 112,000 ETH ($341.7 million) from over 9,200 participants.

According to a blog post by Sam, the Paradigm researcher, a deeper investigation led him to a vulnerability in the MISO Dutch auction contract. What was initially thought to be a minor bug turned out to be a vulnerability that could enable a hacker to steal 109,000 ETH, which was valued at $350 million at the time.

An excerpt from the blog post reads:

“To my surprise (and horror), I found that a refund would be issued for any ETH sent which went over the auction’s hard cap. This applied even once the hard cap was hit, meaning that instead of rejecting the transaction altogether, the contract would simply refund all of your ETH instead.”

“Suddenly, my little vulnerability just got a lot bigger. I wasn’t dealing with a bug that would let you outbid other participants. I was looking at a 350 million dollar bug.”

Sam had to contact his colleagues at Paradigm, Georgios Konstantopoulos and Dan Robinson, who in turn alerted SushiSwap’s chief technology officer (CTO), Joseph Delong, to the danger. Duncan Townsend, CTO of bug bounty platform Immunefi, and Mitchell Amador, the company’s founder and CEO, were also involved in the rescue operation.

No Funds Lost

After some deliberation, it was decided that the BitDAO team in charge of the raise would purchase the remaining auction, thereby immediately concluding the process and forestalling any threats.

The rescue operation happened in under five hours and the team was able to prevent a potential hacker from draining over 100,000 ETH from the contract.

SushiSwap confirmed that no funds were lost, adding that:

“All future planned auctions utilizing the specific dutch auction contracts with ETH commitments have been paused until an updated version is redeployed.”
