GoPlus: EIP-7702 has recently been used in multiple contract attacks; project teams are advised to strengthen measures such as flash loan attack protection

2025/07/09 15:56

PANews reported on July 9 that, according to security firm GoPlus, many recent contract attacks have used EIP-7702 features to bypass on-chain security checks, including msg.sender == tx.origin and msg.sender == _owner, resulting in flash loan attacks and price manipulation, with losses reaching nearly one million US dollars. Case analysis shows that the attackers carried out the attacks through authorizations to malicious delegators, affecting well-known DeFi projects including QuickConverter @QuickswapDEX and multiple CSM funding pools.

The implementation of EIP-7702 gives EOA addresses smart contract capabilities, so traditional security logic becomes invalid. GoPlus recommends that project teams strengthen protection against flash loan attacks and reentrancy attacks, rework their EOA checks and permission management logic, and keep monitoring the delegator authorizations of administrator addresses to prevent potential risks.
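The monitoring of administrator addresses recommended above can be automated off-chain. The following sketch is an added example, not code from GoPlus or the original report. It assumes each account's code has already been fetched with the eth_getCode RPC call, and the function names, addresses and code values are constructed placeholders.

```python
from __future__ import annotations

# EIP-7702 marks a delegated EOA by storing a "delegation designator" as the
# account code: the 3-byte prefix 0xef0100 followed by the 20-byte delegate address.
DELEGATION_PREFIX = bytes.fromhex("ef0100")
DESIGNATOR_LEN = 23


def classify_code(code_hex: str) -> tuple[str, str | None]:
    """Classify a hex string returned by eth_getCode.

    Returns ("eoa", None), ("delegated", delegate_address) or ("contract", None).
    """
    body = code_hex[2:] if code_hex.startswith("0x") else code_hex
    raw = bytes.fromhex(body)
    if not raw:
        return "eoa", None
    if len(raw) == DESIGNATOR_LEN and raw.startswith(DELEGATION_PREFIX):
        return "delegated", "0x" + raw[3:].hex()
    return "contract", None


def audit_admins(codes: dict[str, str], approved: set[str]) -> list[str]:
    """Report admin addresses whose code is not what an operator expects."""
    allowed = {a.lower() for a in approved}
    findings = []
    for admin, code_hex in sorted(codes.items()):
        kind, delegate = classify_code(code_hex)
        if kind == "delegated" and delegate not in allowed:
            findings.append(f"{admin}: unapproved EIP-7702 delegate {delegate}")
        elif kind == "contract":
            findings.append(f"{admin}: expected an EOA but found contract code")
    return findings


# Constructed sample data (hypothetical admin addresses and code values).
SAMPLE_CODES = {
    "0x" + "aa" * 20: "0x",                       # plain EOA, no code
    "0x" + "bb" * 20: "0xef0100" + "11" * 20,     # delegated to an approved address
    "0x" + "cc" * 20: "0xef0100" + "22" * 20,     # delegated to an unknown address
}
APPROVED_DELEGATES = {"0x" + "11" * 20}

if __name__ == "__main__":
    for finding in audit_admins(SAMPLE_CODES, APPROVED_DELEGATES):
        print(finding)
```

A finding for an administrator address means that account can now execute the delegate's code, so checks such as msg.sender == tx.origin no longer show that the caller is a plain EOA.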
