You can check the website statistics yourself or request them from us at [email protected]
On this platform, only organic high-quality traffic
Bitcoin
30,725

Gains Network Fork Bug Allowed Traders To Profit 900% On Every Trade: Report

A fork from the Gains Network, a suite of DeFi products operating on Polygon and Arbitrum, was reportedly enabling traders to achieve 10X returns on each transaction, irrespective of the token prices involved, as per blockchain security specialists.

Gains Network Infinite Money Glitch

Gains Network, which is tracked by DeFi Llama, has a total value locked (TVL) of $20.29 million. Since launching in May 2023, it has facilitated $25 billion in derivatives trading volume.

A report from Zellic on April 19 noted a significant vulnerability in a fork of the protocol that allowed an attacker to set an extremely high buy limit order, ensuring a win in every transaction.

Here’s the mechanism: When a trade was initiated, the protocol stored the stop-loss price in a variable called “currentPrice,” used to compute profit and loss. Therefore, if a user set their stop/loss price higher than the opening price, they could profit from every trade with no risk involved.

For instance, imagine Bitcoin was priced at $60,000. If a trader set their opening price at $59,000 and their stop/loss at $61,000, the trade would activate once the price hit $59,000. However, the price would already be under the stop-loss threshold, triggering an automatic closure of the trade.

Typically, this scenario should yield no profit. But in this case, since the stop-loss price of $61,000 was used as the “current price” by the system, it recorded a $2,000 profit for the trader.

Fixing The Bugs

If an attacker conducted numerous trades with excessively high stop/loss values, they could potentially deplete the entire fund of the protocol. Although the protocol incorporated a safeguard to prevent setting the stop-loss higher than the opening price of a buy order, additional loopholes were discovered that allowed attackers to circumvent this check.

According to Zellic, using specific numbers, traders could secure a profit margin of 900%.

This flaw was identified only in a fork of the Gains Network, not in the main Gains protocol. However, Zellic also detected a bug in an earlier version of the Gains protocol itself, which allowed traders to achieve 900% profits on sell orders.

Zellic notified various teams managing forks of the Gains Network, including Gambit Trade, Holdstation Exchange, and Krav Trade, about these vulnerabilities. These teams have confirmed that the issues have been addressed and their protocols are now secure. However, Zellic warned that other forks might still be vulnerable to similar exploits.

Related Posts

Leave a Reply

Confirm now and stay with our news

What we write about

I want to save money. Will cryptocurrency work?

Cryptocurrency is essentially virtual money that operates in a decentralized manner, not through a bank but directly on multiple independent computers.

Every cryptocurrency has two main components: the units of digital exchange called “coins” and the network within which the exchange takes place. These units can be transferred between wallets and exchanged on exchanges. The networks in which these coins exist are called blockchains, which translates to “chains of blocks.”

Latest Articles

Azuro Protocol Partners With zkSync Hyperchain Sophon
30.05.2024By
PayPal’s PYUSD Stablecoin on Solana Introduces ‘Confidential Transfers’ for Enhanced Privacy
30.05.2024By
Former Consensys Employee Launches Stablecoin ‘USD3’
30.05.2024By

Latest news

Azuro Protocol Partners With zkSync Hyperchain Sophon
30.05.2024
PayPal’s PYUSD Stablecoin on Solana Introduces ‘Confidential Transfers’ for Enhanced Privacy
30.05.2024
Former Consensys Employee Launches Stablecoin ‘USD3’
30.05.2024
NFTs are Highly Susceptible to Fraud and Scams: US Treasury Report
30.05.2024
Ethereum ETF Approval Was a Political Decision, Says Bloomberg Analyst James Seyffart
30.05.2024
Joint Global Tax Group Issue Crypto Risk Indicators to Financial Institutions
30.05.2024
Judge Throws Out DEBT Box Case, Orders SEC to Pay $1.8M
29.05.2024
Canada Warns of Rising Pig Butchering and Crypto Investment Scams
29.05.2024
Iggy Azalea’s MOTHER Memecoin Hit With Insider Activity Claims After Alleged Sahil Arora Scam
29.05.2024
DeFi Data Firm API3 Raises $4M in Funding Round Led by DWF Labs
29.05.2024