HawkInsight

  • Contact Us
  • App
  • English

Slow fog: GMX v1 design flaw stole $42 million, and attackers manipulated global average prices by reentering to create large short positions

According to online reports, Slow Fog Cosine posted on social media: "The fundamental reason why GMX was stolen of US$42 million last night was that GMX v1 would immediately update the global Short Average Prices when processing short positions, and this global average price will directly affect the calculation of the total asset size (AUM), which in turn will lead to the manipulation of the GLP token price. The attacker took advantage of this design flaw and used Keeper to enable timelock.enableLeverage when executing an order (a necessary condition for creating a large short order) to successfully create a large short position and manipulate the global average price through reentry, so as to artificially raise the GLP price in a single transaction and profit through redemption operations. Doing DeFi is really a high-risk undertaking. GMX is a very old decentralized sustainable trading platform. This time, it has also stepped into a big pit. It is hard to say that the 10% white hat reward strategy will make attackers interested..."

Disclaimer: The views in this article are from the original Creator and do not represent the views or position of Hawk Insight. The content of the article is for reference, communication and learning only, and does not constitute investment advice. If it involves copyright issues, please contact us for deletion.

NewFlashHawk Insight
More