Thirdweb Uncovers Security Flaw Affecting Smart Contracts

2023-12-6 00:54

Leading Web3 developer platform Thirdweb has recently uncovered a major security vulnerability in a widely used open-source library, impacting pre-built smart contracts and multiple NFT collections. This discovery has drawn concerns within the Web3 community.

Prompt Response and Collaborative Efforts

Thirdweb confirmed that, to their knowledge, no exploitation of this vulnerability occurred in projects utilizing their smart contracts. However, they have emphasized smart contract owners’ need to undertake specific actions concerning certain pre-built contracts developed on Thirdweb, preventing possible misuse.

IMPORTANT

On November 20th, 2023 6pm PST, we became aware of a security vulnerability in a commonly used open-source library in the web3 industry.

This impacts a variety of smart contracts across the web3 ecosystem, including some of thirdweb’s pre-built smart contracts.…

— thirdweb (@thirdweb) December 5, 2023

Thirdweb identified the vulnerability on November 20, affecting its pre-built smart contracts, including those on OpenSea and the Coinbase NFT platform. OpenSea acknowledged the issue and said, “Stay tuned for more info on how we can assist affected collection owners with any changes on OpenSea tied to contract migration.” 

Coinbase NFT also responded to the security vulnerability, being informed on December 1 about the affected collections on their platform. They said, “In line with thirdweb’s disclosure timeline, we timed outreach to builders who may have deployed impacted contracts before November 22, 2023.”

Both OpenSea and Coinbase NFT have also assured their users that no security breaches happened on their respective platforms, and customers can remain confident about the safety of their funds. Furthermore, the Layer 2 network Base said that the vulnerability affects some of Thirdweb’s pre-built contracts deployed on Base; however, “Base itself is unaffected by this issue. All funds on Base are safe.”

Mitigating Vulnerabilities and Ensuring User Safety

Addressing the smart contract security vulnerability issue, Thirdweb has shared an announcement with steps to take for those affected. They say, “Our immediate priority is to protect our customers impacted by this vulnerability. Users who deployed one of these impacted pre-built smart contracts using thirdweb’s dashboard or SDKs before November 22 at 7pm PST need to perform some mitigation steps.”

To address this vulnerability, Thirdweb recommends that affected smart contract owners lock their contracts, capture snapshots, and progress to new contracts. OpenSea and Coinbase NFT have committed to supporting collection owners while undergoing these mitigation steps.

This incident serves as a crucial reminder of the need for vigilance and prompt action in tackling security issues within the rapidly changing landscape of Web3 and NFTs.

The post Thirdweb Uncovers Security Flaw Affecting Smart Contracts appeared first on NFT News Today.

Similar to Notcoin - Blum - Airdrops In 2024

origin »

SherLOCK Security (LOCK) на Currencies.ru

$ 0.1387 (+1.71%)
Объем 24H $13
Изменеия 24h: 10.06 %, 7d: -33.06 %
Cегодня L: $0.1387 - H: $0.1387
Капитализация $0 Rank 3458
Доступно / Всего 0 LOCK / 4.969m LOCK

affecting security thirdweb nft contracts smart flaw

affecting security → Результатов: 29


Security Researcher Uncovers Witty Phishing Attack On Binance Exchange Users

Security Researcher Uncovers Clever Phishing Attack On Binance Users One of the major issues affecting the cryptocurrency industry and a major hindrance to its popularity is lack of security. Cryptocurrency exchanges have been targeted in hacks that have led to the loss of billions of dollars worth of cryptocurrency. However, it seems the attackers are […]

2019-6-3 22:31