Cellframe Network suffered a flash loan attack, resulting in a loss of $76,000.
Analysis of the Cellframe Network Flash Loan Attack
On June 1, 2023, at 10:07:55 (UTC+8), Cellframe Network was hacked on the Binance Smart Chain due to a token calculation issue during the liquidity migration process. The attack resulted in a profit of approximately $76,112 for the hacker.
Attack Details
The attacker first obtained 1000 BNB and 500,000 New Cell tokens through flash loans. They then exchanged all the New Cell tokens for BNB, driving the amount of BNB in the new pool close to zero. Finally, the attacker exchanged 900 BNB for Old Cell tokens.
Note that before carrying out the attack, the attacker had added liquidity for Old Cell and BNB, obtaining Old LP tokens.
Attack Process
The attacker calls the liquidity migration function. At this time, there is almost no BNB in the new pool, and there are almost no Old Cell tokens in the old pool.
The migration process includes: removing old liquidity and returning the corresponding amount of tokens to users; adding new liquidity according to the ratio of the new pool.
Because the old pool holds almost no Old Cell tokens, removing liquidity returns more BNB and fewer Old Cell tokens.
The user only needs to add a small amount of BNB and New Cell tokens to obtain liquidity, and any excess BNB and Old Cell tokens are returned to the user.
The attacker removes the liquidity from the new pool and exchanges the Old Cell tokens returned from the migration for BNB.
At this point, the old pool holds a large number of Old Cell tokens but no BNB. The attacker exchanges the Old Cell tokens back into BNB to realize the profit.
The attacker repeatedly performs the migration operation.
Root Cause
The calculation of token quantities during the liquidity migration process is flawed, allowing attackers to profit by manipulating the pool ratios.
Security Recommendations
When migrating liquidity, one should fully consider the changes in the quantities of both tokens in the old and new pools, as well as the current token prices.
Avoid directly using the quantities of the two currencies in the trading pair for calculations, as this can be easily manipulated.
Conduct a comprehensive security audit before deploying the code to prevent potential vulnerabilities.
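The first two recommendations can be seen in a small model, added here as an illustration and not taken from Cellframe's contracts: a migration quote priced from instantaneous pool reserves, next to a guarded version that rejects the migration when either pool's ratio has drifted from a reference price. The pool reserves, the 1% LP share, the 2% tolerance, the reference price (standing in for a TWAP or oracle feed) and all function names are assumptions; only the 500,000 New Cell and 900 BNB swap sizes come from the description above.

```python
from fractions import Fraction as F

class Pool:
    """Constant-product pair (x*y=k); swap fee ignored to keep the arithmetic exact."""
    def __init__(self, bnb, token):
        self.bnb, self.token = F(bnb), F(token)

    def spot(self):
        return self.bnb / self.token  # BNB per token; one large swap moves it

    def sell_token(self, amount):
        out = self.bnb * amount / (self.token + amount)
        self.token, self.bnb = self.token + amount, self.bnb - out
        return out

    def sell_bnb(self, amount):
        out = self.token * amount / (self.bnb + amount)
        self.bnb, self.token = self.bnb + amount, self.token - out
        return out

def quote_migration(old, new, lp_share):
    """Simplified model: withdraw pro rata from the old pool, pair the withdrawn
    token amount with BNB at the new pool's spot ratio, refund the remaining BNB."""
    bnb_out, token_out = old.bnb * lp_share, old.token * lp_share
    bnb_paired = token_out * new.spot()
    return {"bnb_withdrawn": bnb_out, "bnb_paired": bnb_paired, "bnb_refund": bnb_out - bnb_paired}

def within_band(pool, reference, tolerance):
    """True when the pool's spot price is within `tolerance` of the reference price."""
    return abs(pool.spot() - reference) <= tolerance * reference

def guarded_migration(old, new, lp_share, ref_old, ref_new, tolerance=F(2, 100)):
    # Refuse to price a migration off reserves that disagree with the reference.
    if not (within_band(old, ref_old, tolerance) and within_band(new, ref_new, tolerance)):
        raise ValueError("pool ratio deviates from reference price; migration rejected")
    return quote_migration(old, new, lp_share)

def demo():
    old, new = Pool(100, 10_000), Pool(100, 10_000)  # constructed reserves
    ref_old, ref_new = old.spot(), new.spot()        # stand-in for a TWAP or oracle price
    balanced = guarded_migration(old, new, F(1, 100), ref_old, ref_new)
    new.sell_token(500_000)  # New Cell sold into the new pool: its BNB approaches zero
    old.sell_bnb(900)        # BNB sold into the old pool: its Old Cell is drained
    skewed = quote_migration(old, new, F(1, 100))    # unguarded quote on skewed pools
    try:
        guarded_migration(old, new, F(1, 100), ref_old, ref_new)
    except ValueError:
        return balanced, skewed, True
    return balanced, skewed, False
```

Calling `demo()` shows the same 1% LP share withdrawing 1 BNB with no refund on balanced pools, but 10 BNB with almost all of it refunded once both pools are skewed, while the guarded path rejects the skewed migration.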
This incident shows once again that complex financial operations must be designed and implemented with every scenario in mind, especially sensitive operations such as liquidity migration. It is also a reminder that security audits in the blockchain ecosystem should not be overlooked.