December 6, 2024

[ad_1]

The attack occurred after Tender.fi upgraded its price feed to relay data from a Chainlink pricing oracle as opposed to a time-weighted average price (TWAP). The code, which was audited by PeckShield, contained an error and returned a number with too many zeros behind it. This meant the attacker was able to deposit one GMX token, worth around $70, effectively tricking the system into allowing infinite borrows, according to a postmortem published on Tender.fi’s Medium page.

[ad_2]

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *