HypurrFi disclosed a "rounding error" vulnerability in an early version of Aave V3 and has suspended new lending and borrowing in the XAUT0 and UBTC markets.

PA一线
PA一线

PANews reported on March 6th that HypurrFi, the native decentralized lending protocol of HyperEVM, announced on the X platform that versions of Aave prior to V3 3.5 contain a "rounding error" vulnerability. Under certain conditions, attackers could extract underlying tokens by repeatedly executing supply/withdrawal and lending/repayment cycles. The affected markets are XAUT0 and UBTC in HypurrFi Pooled. Currently, user funds are not at risk. To ensure security, new supply and lending operations have been suspended in the affected markets, while withdrawal and repayment functions remain operational. Other markets are running normally. HypurrFi added that it quickly detected the issue on-chain through its internal monitoring system and promptly froze the affected markets. It is also collaborating with other Aave deployers and security researchers to address the issue and has invited other Aave forks to contact them for more security information.

Share to:

Author: PA一线

This content is for market information only and is not investment advice.

Follow PANews official accounts, navigate bull and bear markets together
Telegram Discussion Group
Telegram News Channel
@PANews
Recommended Reading
PA一线

PA一线

Xiaomi's mobile agent "Xiaomi miclaw" begins limited closed beta testing.
PA一线

PA一线

A Gnosis Safe wallet withdrew 577.5 XAUTs from OKX and Bybit.
PA一线

PA一线

BTC fell below $71,000, down 0.94% on the day.
PA一线

PA一线

Arthur Hayes: The economic ripple effects of the US-Iran conflict may force the Federal Reserve to print money to provide relief.
PA一线

PA一线

SlowMist: Beware of Fake imToken Chrome Extensions
PA一线

PA一线

US Democrats are considering legislation to restrict prediction markets, raising concerns about insider trading related to the Iran war.

Popular Articles

Industry News
Market Trends
Curated Readings
Subscribe