Connect with us

News

Ethereum-based AirSwap reports vulnerability issue on newly released smart contract

Mark Prestwood

Published

on

Source: Pixabay


AirSwap reported that their development team had detected a ‘critical vulnerability’ in a recently launched AirSwap smart contract. According to a blog released on medium, AirSwap, a decentralized token-trading platform built on the Ethereum blockchain, revealed that on 12th September, the internal security review team recognized a major flaw in the mainnet of the smart contract.

The vulnerability would have allowed any hacker to perform a swap with another party without requiring their signature. It was stated that the tainted code was active in the system for less than 24 hours and only a few addresses were affected. The article stated,

“When the issue was detected, the team immediately rolled back AirSwap Instant to use the original smart contracts. Both the AirSwap Instant and Trader products are no longer affected by the vulnerability.”

The AirSwap team also carried out a few remediations after the vulnerability was reported. Dev team initiated identification of affected users and started the process of de-risking [process of protecting user asset without alerting the network]. All vulnerable components were removed from the production AirSwap UI and from all related tools.

AirSwap released a statement of apology and remarked,

“We would like to deeply apologize to our affected users for any inconvenience these vulnerabilities may have caused, and hope that the important lessons we continue to learn throughout these processes form the basis for a more open, secure, and efficient trading environment.”

Mark is a full-time member of the Editorial team of AMBCrypto. With his five-year experience as a business editor for one of the largest dailies in the US, Mark brings sanity and order to our editorial team. Mark is a business major and loves building automotive parts when he's not working. Email him at [email protected] or [email protected]