EIP-7702 vulnerability leads to nearly one million dollars loss for DeFi projects, security agency issues protection recommendations.

robot
Abstract generation in progress

[Coin World] News on July 9, according to security agencies, recent multiple contract attack cases have utilized the features of EIP-7702 to bypass on-chain security checks, including msg.sender == tx.origin and msg.sender == _owner, leading to issues such as flash loan attacks and price manipulation, with losses reaching nearly one million dollars. Case analysis shows that attackers implemented attacks through malicious delegator authorization, affecting well-known DeFi projects including QuickConverter and multiple CSM liquidity pools.

The implementation of EIP-7702 enables EOA addresses to possess smart contract capabilities, rendering traditional security logic ineffective. Security agencies recommend that project teams enhance protection against flash loan attacks and reentrancy attacks, restructure EOA checks and permission management logic, and continuously monitor the delegator authorization status of administrator addresses to prevent potential risks.

View Original
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • 2
  • Share
Comment
0/400
SnapshotLaborervip
· 07-09 08:37
Just playing people for suckers again.
View OriginalReply0
FOMOmonstervip
· 07-09 08:37
Still attacking, really Be Played for Suckers endlessly.
View OriginalReply0
Trade Crypto Anywhere Anytime
qrCode
Scan to download Gate app
Community
English
  • 简体中文
  • English
  • Tiếng Việt
  • 繁體中文
  • Español
  • Русский
  • Français (Afrique)
  • Português (Portugal)
  • Bahasa Indonesia
  • 日本語
  • بالعربية
  • Українська
  • Português (Brasil)