A blockchain sport native to layer-2 resolution Blast suffered a tokens exploit hours earlier than its gaming product launched.
Based on an announcement from the staff on X, Tremendous Sushi Samurai on L2 community Blast was exploited for $4.6 million resulting from a bug in its good contract code. On-chain safety agency CertiK additionally confirmed the quantity misplaced.
We’ve been exploited, it’s mint-related. We’re nonetheless trying into the code. Tokens had been minted and offered into the LP.
SSS staff on X
Tremendous Sushi Samurai launched its native crypto SSS on March 17 and scheduled its full sport launch on March 21. Nevertheless, an obvious white hat hacker leveraged the good contract vulnerability to provoke an infinite mint operate.
The exploiter doubled the token balances by transacting with themselves and finally mass promoting into SSS’s liquidity pool. Final month, an identical incident occurred with a contract that multiplied balances.
Per CoinGecko, this crashed the worth of SSS by over 99%. An replace from the staff mentioned that the hacker had established communications. The hacker’s message, seen on Blastscan, recommended it was a rescue mission and a plan to reimburse customers was within the works.
Sensible contract exploits are widespread in crypto, notably on newly launched networks like Blast. The Ethereum-based scaling community went stay earlier this month and skilled over $1.7 billion in withdrawals shortly after.
Based on DefiLlama, Blast remains to be one of many largest L2s as of writing, with greater than $1 billion in complete worth locked.