A loophole in the code allowed to withdraw of a “virtually unlimited” amount of ETH

Hacker awarded $2 million for discovering fatal vulnerability in Ethereum roll-up

16.02.2022 - 12:00

298

1 min

What’s new? Hacker Saurik discovered a vulnerability in Optimism, an Ethereum scaling solution. The hacker published a report and reported the bug to the developers, he received a reward of $2 million. This vulnerability could have caused major losses on the part of the platform.

Saurik’s report

What was the vulnerability? While reviewing the nano payment protocols, the hacker discovered a bug that allowed the withdrawal of “virtually unlimited” amounts of ETH. A similar bug was found in the Wormhole cross-chain and caused the network to lose $340 million.

What does the community say about this? The users began to argue about the amount of the reward. But everyone agreed that if a black hat hacker had been exploited the vulnerability, the damage to the protocol would have been enormous.

Large payments like this encourage users to report their “discoveries” rather than take advantage of the vulnerability. Such white hackers help companies save billions annually.

Author:

Vasiliy Smirnov Vasiliy Smirnov

Subscribe to Getblock Magazine and stay up to date with the latest news from the world of cryptocurrencies and the digital economy