KyberSwap loses $46M to "infinite money glitch" exploit on concentrated liquidity feature
Doug Colkitt, founder of Ambient Exchange, has revealed that the thief who stole $46 million from KyberSwap used a sophisticated smart contract exploit known as an "infinite money glitch." The attacker exploited KyberSwap's concentrated liquidity feature, tricking the contract into thinking it had more liquidity than it actually did. This exploit is unique to Kyber's implementation of concentrated liquidity and is unlikely to work on other decentralized exchanges. Despite the presence of a failsafe mechanism, the attacker was able to execute a carefully engineered smart contract exploit by setting the swap quantity just below the upper bound for reaching the tick boundary. The attacker has expressed a willingness to negotiate the return of some of the stolen funds.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
SEC to receive record $8.2 billion from enforcement in fiscal 2024, mostly from Terraform Labs
CAT becomes the only BSC chain token in the top 20 Wintermute market-making meme coins
BTC falls below $97,000