Balancer Labs tweeted that a white hat hacker today disclosed Balancer-related vulnerabilities through the Web3 bug bounty platform Immunefi. As a result, Balancer officially received a notification of a potentially exploitable scenario, and no user funds were at risk. The vulnerability scenarios involve double entry-point ERC20 tokens, including but not limited to Synthetix tokens (SNX and sBTC, etc.) and Balancer flash loans.
The Synthetix team is considering upgrading the contract next week to successfully remove the double-entry point and allow tokens to return to the vault without any intervention from the LP. Unfortunately, this medium-severity bug report will result in funds being temporarily frozen for transfers out of the V2 Vault without seeing a way for this vulnerability to lead to actual theft.
Everything happening in the crypto world, in real time
SkyBridge Capital Founder on Crypto Market: “We Haven’t Sold One Position”
How is ‘never down or stopped’ Ethereum’s health pre-Merge