SushiSwap dev disagrees with hacker's 'billion dollar' bug finding

SushiSwap dev disagrees with hacker's 'billion dollar' bug finding

ambcrypto.com
3 min read
standard
A SushiSwap vulnerability report published by an anonymous white-hat hacker has been rejected by the developers behind the popular decentralized exchange. The hacker and his alleged vulnerabilities within SushiSwap's network first came to light through media reports. In the same, the hacker claimed users could endure losses of funds worth over $1 billion due to […]
A SushiSwap vulnerability report published by an anonymous white-hat hacker has been rejected by the developers behind the popular decentralized exchange.

The hacker and his alleged vulnerabilities within SushiSwap's network first came to light through media reports. In the same, the hacker claimed users could endure losses of funds worth over $1 billion due to these threats.

The hacker also conceded to going public with the information only after attempts to bring this to the attention of SushiSwap's developers confidentially did not result in any action.

In the report, the hacker claimed to have found a "vulnerability within the emergencyWithdraw function in two of SushiSwap's contracts, MasterChefV2 and MiniChefV2." These contracts govern the exchange's 2x reward farms and pools on non-Ethereum sidechains such as Binance Smart Chain, Polygon, Fantom, Avalanche, among others.

The emergencyWithdraw function provides a safety net to users using DeFi services, essentially allowing them to immediately withdraw their Liquidity Provider (LP) tokens in the…
Read full article