ParaSwap, a decentralized finance (DeFi) aggregator, recently discovered a critical vulnerability in its newly launched Augustus v6 contract. However, through timely intervention by white hat hackers, the platform managed to prevent a significant loss of funds.
The Augustus v6 contract was launched on March 18 with the aim of improving swapping efficiency and reducing gas fees. Unfortunately, it contained a vulnerability that allowed hackers to drain funds if approved. Upon discovering the vulnerability on March 20, ParaSwap immediately paused the v6 application programming interface (API) and ensured the safety of users’ funds through a white hat hack.
Despite ParaSwap’s proactive measures to address the issue and inform users about the necessary precautions, the hacker still managed to cash out approximately $24,000 from four different addresses. In total, 386 addresses were affected by the vulnerability, as revealed by ParaSwap. The protocol urged users to report any additional losses that may have gone unnoticed during the initial investigation.
Furthermore, ParaSwap deactivated support for the vulnerable v6 contract on its updated user interface (UI) and reverted to using v5. The company assured that funds have been successfully recovered for all affected addresses and promised to share more details about the refund process soon.
To mitigate further risks, ParaSwap advised users to revoke permissions to the Augustus v6 contract until the vulnerability is resolved. It also recommended utilizing exploit checker services like Revoke to ensure their safety.
In other news, a research paper published by Salus Security, a blockchain security company, highlights the limitations of generative artificial intelligence (AI) tools like ChatGPT-4 when it comes to acting as reliable security auditors. While these tools are proficient at generating code, they struggle to perform as comprehensive security auditors. The researchers found that ChatGPT-4 had a high precision rate of over 80% in detecting true positives, but it still falls short in real-world testing scenarios.
On a different note, Cape Town in South Africa is emerging as a digital-nomad crypto hub. With its vibrant crypto community and supportive infrastructure, Cape Town has become an attractive destination for crypto enthusiasts and professionals alike.