News

Sturdy has suffered a security breach resulting in the theft of 442 ETH

Jyotirmoy Barman

Jun 15, 2023 — 1 min read

Sturdy experienced a security breach that resulted in the theft of 442 ETH. The breach was due to a read-only reentrancy exploit, a type of loophole in smart contracts.

Reentrancy exploits occur when a malicious actor calls a contract, and the contract updates its internal state, does a callback to the actor, and the actor re-calls the original contract. Most crypto hacks due to reentrancy issues are caused by state-altering functions not being guarded against or not following the checks-effects-interactions pattern.

However, SturdyFinance's exploit was a read-only reentrancy issue. In read-only reentrancy, the state-altering function(s) are guarded, but view functions (which only read state) are not protected. The issue occurred when SturdyFinance allowed users to borrow against Balancer LP tokens, which have a known read-only reentrancy exploit in its joinOrExit function.

The attacker used a callback to withdraw tokens, which updated the real token balance but not Balancer's accounting values. This led to Sturdy Oracle calculating the wrong asset price when called on the fallback.

This incident highlights the importance of understanding smart contract vulnerabilities and implementing proper security measures to prevent future attacks.

Aleph Zero Joins CAMARA as the First Blockchain Organization

Brussels, Belgium, September 6th, 2024, Chainwire Aleph Zero will work alongside the world’s largest telecommunications organizations to help to develop standardized blockchain APIs for the industry Aleph Zero, a blockchain ecosystem engineered for speed, data confidentiality, and ease of development, has officially joined the CAMARA Foundation as a General

Agora-Backed AUSD Stablecoin is Live on Sui

Grand Cayman, Cayman Islands, September 5th, 2024, Chainwire After successful launches on other major networks, AUSD has deployed on Sui, tapping into the scalable, high-performance network and strengthening Sui’s stablecoin ecosystem. Agora, the stablecoin company led by early-stage finance and technology industry veterans Nick van Eck, Drake Evans, and

Yuga Labs Launches Team to Develop NFT DApps for ApeChain

Yuga Labs, known for its popular NFT collections, is stepping up its efforts in the NFT DApp space with the announcement of a new internal team called The Workshop. CEO Greg Solano revealed on August 31, 2024, that this team will focus on rapidly developing NFT DApps and other blockchain

Floki Announces Partnership with OG Esports for Valhalla Metaverse Game

Miami, Florida, September 4th, 2024, Chainwire Floki is thrilled to announce a new partnership with OG Esports, aligning with Valhalla, an innovative play-to-earn metaverse game built on blockchain technology, designed to offer players a unique and rewarding gaming experience. Valhalla is an MMORPG that combines open-world exploration with strategic turn-based

Read more

Aleph Zero Joins CAMARA as the First Blockchain Organization

Agora-Backed AUSD Stablecoin is Live on Sui

Yuga Labs Launches Team to Develop NFT DApps for ApeChain

Floki Announces Partnership with OG Esports for Valhalla Metaverse Game