The risk of arbitrary calls

On February 28th, a critical vulnerability was exploited in Seneca's Chamber contracts. The attacker used this vulnerability to steal user funds who approved more than the collateral for Chamber contracts. This attack specifically targeted assets held in users' wallets, not funds directly deposited into Seneca's core system (TVL + Staking).

Exploit Analysis

  • The attacker targeted the performOperations() function within the Seneca’s Chamber.sol contract. This function allows arbitrary calls to other contracts, and the attacker exploited it to execute a .transferFrom() call. This enabled the attacker to use the Chamber contract as spender to transfer tokens directly from approved users' wallets to the attacker’s wallet. This attack affects all users who approved collateral amounts exceeding their actual deposits when using Chamber contracts.

  • A total of $6.4 million was stolen. Fortunately, approximately $5.3 million (80%) was recovered after a whitehat hacker intervened and returned the majority of the funds, keeping $1.04 million (20%) as a bounty.

  • Here is one of the exploit txs: https://etherscan.io/tx/0x9f3712672be7a120757d42fbe15ceefe9578914946bacbd0f3531e7fb7305576

Conclusion

As a developer, when building your own project, does not trust any user input. Any parameter given must be carefully validated by the code. Calls to untrusted contracts can introduce several unexpected risks or errors. External calls can trigger malicious code, either within the target contract or across its ecosystem. Every external call should be treated as a potential security risk and must be processed with extreme caution.

Furthermore, conducting a security audit is strongly recommended for all projects, even though they are smart contracts, backends, wallets, or dapps.

As a blockchain user, remember: approving tokens grants strangers access to spend them as they please. Avoid infinite approvals, always allocate the exact amount needed for each transaction, even if it incurs additional fees. Proactively review and revoke unnecessary approvals to safeguard your money now.

Thanks for reading Verichains! Subscribe for free to receive new posts and support my work.

Sector:
Solana Ecosystem
SEC Security Token
Layer 1
Source
Disclaimer: The content above is only the author's opinion which does not represent any position of Followin, and is not intended as, and shall not be understood or construed as, investment advice from Followin.
Like
Add to Favorites
Comments
Relevant content