Latest news about Bitcoin and all cryptocurrencies. Your daily crypto news habit.
Multichain DeFi aggregator, ParaSwap has debunked claims that it suffered an exploit today, saying the suspected address had no power after deployment.
No vulnerability found! Please check the facts & Don't Trust, Verify!
Weâll follow up with analysis & an explanation of whatâs a deployer address and how we made sure they have no power at all! https://t.co/uQKVncMZof
â ParaSwap (@paraswap) October 11, 2022
Supremacy raised alarm of profanity vulnerability
Blockchain security company Supremacy Inc. claimed that Paraswapâs deployer address private key might have been compromised due to a profanity exploit, adding that âfunds have been stolen on multiple chains.â The firm continued, âthe deployerâs address is associated with multiple multi-sign wallets.â
1/ Hi @paraswap ,I heard that you want to see this? your deployer address private key may have been compromised (possibly due to Profanity vulnerability) and funds have been stolen on multiple chains.https://t.co/ijHaTwAj0l
â Supremacy Inc. (@Supremacy_CA) October 11, 2022
An Etherscan link attached to the tweets showed a transfer of 0.4320 ETH ($555.32) to another address tagged QANplatform Bridge Exploiter 2.
Another blockchain security firm BlockSec confirmed that ParaSwapâs and Curve Finance deployerâs addresses were vulnerable to the Profanity vulnerability.
1/ We confirmed that both @paraswap deployer address (0x490ce4616672e93b1c8f5e43aa80312fd73dee8c) and @curve deployer address(0x07a3458ad662fbcdd4fca0b1b37be6a5b1bcd7ac) are vulnerable to the profanity vulnerability. The private keys can be recovered. https://t.co/APRXSt1gJh
â BlockSec (@BlockSecTeam) October 11, 2022
ParaSwap debunks exploit claims
ParaSwapâs investigation into Supremacy revealed that it had âno vulnerability.â According to the DeFi platform, the address âpaid the gas and retired,â adding that âProfanity addresses usually have trailing zeros.â
The firm also stated that it would âfollow up with analysis & an explanation of whatâs a deployer address and how we made sure they have no power at all!â
Curve Finance rehashed ParaSwapâs statement, saying, âboth are throwaway deployers, they control nothing. So no reason to worry there.â
Meanwhile, the ParaSwap teamâs prompt response to the situation attracted praise from the crypto community.
Great response from @paraswap regarding the concern for a possible Profanity exploit.
Appreciate the rapid updates https://t.co/uwP2jYpTRm pic.twitter.com/FePteO75uCâ CryptoCondom (@crypto_condom) October 11, 2022
Profanity address vulnerability
Several crypto projects using Vanity addresses have lost millions to the Profanity vulnerability since it was identified in September by 1inch. Malicious players could recover private keys of any vanity address generated with Profanity.
Reports have revealed how bad actors have used the vulnerability to hack several crypto projects. Crypto market maker Wintermute lost over $160 million to the profanity address vulnerability.
The post ParaSwap debunks claims of susceptibility to profanity address vulnerability appeared first on CryptoSlate.
Disclaimer
The views and opinions expressed in this article are solely those of the authors and do not reflect the views of Bitcoin Insider. Every investment and trading move involves risk - this is especially true for cryptocurrencies given their volatility. We strongly advise our readers to conduct their own research when making a decision.