Security firm Dedaub finds critical vulnerability in Uniswap smart contract
Quick Take
- Security auditing firm Dedaub said it found a critical vulnerability in Uniswap’s Univeral Router smart contract that allowed third parties to steal funds during token transfers.
- No funds were stolen, and the bug was patched by the Uniswap team.
- Dedaub received a “bug bounty” of $40,000 in USDC for its discovery.
Security auditing firm Dedaub received a Uniswap "bug bounty" worth $40,000 after discovering a critical vulnerability in a smart contract on the protocol.
The vulnerability was found in Uniswap’s Universal Router contract, a new technology and scripting language that allows users to swap multiple tokens for NFTs in one transaction.
Dedaub said on Twitter that the vulnerability could have allowed someone to implement third-party code during a transfer and steal funds.
“Clearly, the UniversalRouter should not hold any balances between transactions, or these can be emptied by anyone,” founder of Dedaub Yannis Smaragdakis wrote.
The UniversalRouter contract is capable of performing several transaction commands in a row on the back end, which improves the user experience. Dedaub found that the contract did not have what is known as a re-entrancy lock, which mitigates hackers from making additional commands during transfers that would allow them to steal funds.
Dedaub said it received immediate confirmation from the Uniswap team a few weeks ago when it first found the vulnerability. It received $40,000 in USDC for the discovery of the bug.
(Corrects spelling of Dedaub throughout.)
© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.