BlockSec Denied $532 Million Smart Contract Hack Rumours
Please note that we are not authorised to provide any investment advice. The content on this page is for information purposes only.
The well-known Chinese IT firm BlockSec disproves the widely circulated report of an Ethdev contract hack. BlockSec refuted this rumor by providing transaction screenshots, demonstrating that while an attacker could change ownership by using the “add owner” function, they could not breach the contract.
BlockSec clarifies: BlockSec is a blockchain security startup that primarily focuses on smart contract security, digital asset supervision, and anti-money laundering. It has, however, taken to Twitter to deny a persistent allegation that an Ethdev contract worth approximately $532 million was hacked.
Meanwhile, BlockSec tweeted on October 31 that the affected Ethdev contract is still largely intact.
BlockSec Denied Hacker Rumours Thanks To Usage of a Phalcon Simulation
The well-known Chinese IT firm BlockSec denies the widely publicized allegation of an Ethdev contract hack. It recently debunked a widely circulated rumor on its Twitter account that an Ethdev contract worth approximately $532 million was a hack. It should also be noted that BlockSec used Phalcon’s Simulation method to validate the security of a $532 million smart contract. BlockSec used Phalcon’s Simulation, a powerful transaction explorer designed for the DeFi community, to conduct a thorough investigation into the security of the $532 million Ethdev contract with tag (0xde0b295669a9fd93d5f28d9ec85e40f4cb697bae).
Furthermore, BlockSec disclosed that there have been several unsuccessful attempts to violate the smart contract by changing its ownership. The following is a tweet from BlockSec:
1/ Rumors said that everyone could hack the Ethdev contract (0xde0b295669a9fd93d5f28d9ec85e40f4cb697bae — with $532M). Lots of trials have been observed to change the owner of this contract. We will use Phalcon's simulation to tell you the truth that the contract is NOT hacked. pic.twitter.com/g4K4oaY7k2
— BlockSec (@BlockSecTeam) October 31, 2022
Exploiting Ethdev Ownership
Ethereum is vulnerable to hacks and breaches, including ownership breaches, because it is a neutral, open-source, publicly viewable, and immutable public ledger. When a smart contract function is an external function, it can be called by an attacker other than the deployer or the owner to make changes and carry out transactions. It is worth noting that an attacker can quickly exploit the ownership attack by invoking a function to change the data on a smart contract.
According to reports, the ownership breach was used to hack the specific Ethdev contract. However, BlockSec’s tweets debunked this rumor with transaction screenshots, demonstrating that while an attacker could change ownership by using the “add owner” function, they could not effectively breach the contract. BlockSec explains:
2/ We can simulate the execution of isOwner function to check whether an address is the contract's owner. Let's see the result of address 0xd9301bf972372ac0f33aa8734b1a23072df6db4c. Looks like it is NOT the owner even it can successfully execute the add Owner function. pic.twitter.com/ilRyOUFgIu
— BlockSec (@BlockSecTeam) October 31, 2022
Has the Reliability of Smart Contracts Increased?
When asked why the “add owner” function had not yet changed, BlockSec stated that it did so even when the caller was not the true OWNER of the contract. Although the ownership problem is entirely avoidable, it has been used to successfully hack into several smart contracts.
Blockchain security experts have proposed two potential solutions to the ownership exploit of the problem. These are the Owner contract and the OpenZeppelin custom modification. One of these may have been used to obtain the contested Ethdev contract.
Related
- Invest In Cryptocurrency – How To Invest In Cryptocurrency For Beginners
- Where To Buy Cryptocurrency in USA – How To Buy Cryptocurrency For Beginners in 2022
