avatar

SlowMist Says ERC721R Sample Contract Flaw is Essentially Due to Excessive Owner Privileges

Core Go Pocket developer Ben said a flaw in the ERC721R sample contract could be exploited by the project to perform RugPull. According to the preliminary analysis of the SlowMist security team, this flaw is essentially due to the problem of excessive owner permissions. In the ERC721R example contract, the owner can arbitrarily set the NFT address returned by the user via the setRefundAddress function.
Source

Security Incidents

NFT

Related News
Bybit hackers move over half the stolen ETH onto Bitcoin, largely using ThorChain Bybit hackers move over half the stolen ETH onto Bitcoin, largely using ThorChain
Stablecoin neobank Infini exploited for $49 million: security analysts Stablecoin neobank Infini exploited for $49 million: security analysts
Sony’s Soneium debuts its first music NFT collection with crypto record label Sony’s Soneium debuts its first music NFT collection with crypto record label
NoOnes CEO Ray Youssef discloses $8 million exploit weeks after the fact, confirming crypto sleuth ZachXBT's investigation NoOnes CEO Ray Youssef discloses $8 million exploit weeks after the fact, confirming crypto sleuth ZachXBT's investigation
Arbitrum, Azuki-backed Animecoin unveils tokenomics with over 50% community allocation Arbitrum, Azuki-backed Animecoin unveils tokenomics with over 50% community allocation
Latest News More More
2 Days Ago 0xbow unveils ‘Privacy Pools,’ a new blockchain privacy tool drawing from Vitalik Buterin’s research
March 27 Ethereum edges closer to deploying Pectra on mainnet with successful upgrade on Hoodi testnet
March 27 MEXC Extends DEX+ Platform to Binance Smart Chain Users
March 25 Binance suspends employee for allegedly profiting off of insider information
March 25 BlackRock launches bitcoin ETP in Europe following US success

About TokenInsight

Services

Products

Support

Google Play
Google Play
Google Play
2018 – 2023 © TokenInsight Ltd. All rights reserved
Disclaimer Terms of Service Privacy Policy
delate
Use TokenInsight App All Crypto Insights Are In Your Hands
Open