The popular TicTalk viral “mem coin” SafeMoon may be exposed to malicious exploits by hackers due to perceived security vulnerabilities in its smart contract code.
According to a smart contract audit by blockchain security firm HashEx, SafeMoon currently has 12 such vulnerabilities, five of which are classified between “serious” and “high-critical” in nature.
As part of its findings, the HashX audit alleges SafeMoon is vulnerable to a “temporary ownership abandonment” attack and later pulls a $ 20 million rug. According to HashX, the owner of the SafeMoon contract is an externally owned account or EOA, which controls a significant proportion of the coin’s liquidity.
In the event of EOA being compromised by internal or external rogue actors, an attacker can eliminate the liquidity pool. Indeed, the HashX team alleges that a hacker may temporarily override any attempts by SafeMoon developers to send tokens to the burn address.
However, the SafeMoon team has countered with HashX’s findings, telling Cointegraph that the contract ownership is held securely. The One SafeMoon developer said the team was aware of the issue with policies in place to ensure that the owner wallet is never linked to any third-party decentralized applications.
In addition to the $ 20 million rug bridge capability, HashX has also identified some allegedly problematic contract set actions that could allow an attacker to exclude certain users from receiving rewards or distributing rewards to a specific wallet .
Under normal circumstances, a 10% charge is levied on each SafeMoon token sale, half of which is disbursed to existing holders as prizes. However, HashX alleges that an attacker can set contract actions such as fees, and snatch the maximum transaction amount for any value and 100% commission from each sale.
In fact, during a potential attack, a hacker can steal the proceeds from each token sale and redirect it to a specified wallet. Indeed, taking all of these perceived weaknesses into account, the blockchain security firm states that an attacker can synergize these alleged flaws to launch a wide range attack.
Responding to the HashX audit, SafeMoon’s chief technology officer Thomas Smith said the team was aware of issues that had already been reported by its smart contract auditor Certic.
According to Smith, many of the concerns raised by HashEx will require a hard fork to resolve. Echoing the sentiments shared by the previously cited Safemoon Dev, Smith stated:
“By addressing these other issues, such as being able to have the ownership renounce contract withdraw by the employer, we are never going to renounce and have clarified our stance on that in the past. Internally we have policies And procedures are how the contract operates to minimize the risk of mispricing values, however, you will never see us revise the fee or the maximum tx.
SafeMoon is currently down nearly 69% from its all-time high of April. Indeed, back in April, Cointegraph reported that market reviewers believed the Binance Smart Chain-based project had a parabolic price rally Unsustainable.
B.Sc Based Projects Increasingly becoming a victim of hacks and exploits As the decentralized finance protocol sought to build a house on the Binance chain after a sustained period of high transaction costs on the Ethereum network.
As previously reported by Cointegraph, the BSC Defy Protocol PancakeBunny recently Plunges 79% after $ 200 million flash loan attack. In April, Uranium Finance – another BSC-native protocol – $ 50 million suffered malicious exploitation.