Crypto

Gains Network Fork Bug Allowed Traders To Profit 900% On Every Trade: Report

1 Mins read

Last updated:

| 1 min read

A fork of the Gains Network – an ecosystem of DeFi products on Polygon and Arbitrum – was allowing traders to claim 10X gains on every trade, no matter the price of their tokens traded, according to blockchain security experts.

Gains Network Infinite Money Glitch

Gains Network holds a total value locked (TVL) of $20.29 million, according to DeFi Llama. Since its inception in May 2023, it’s handled $25 billion in derivatives trading volume.

An April 19 report from Zellic highlighted how one bug impacting a fork of the protocol allowed an attacker to place an arbitrarily high buy limit order and win every trade automatically.

Here’s how it worked: when an order was opened, the stop-loss price was stored in the protocol’s “currentPrice” variable, which calculates profit and loss. As such, if users set their stop/loss price above the open price, they could freely profit from the trade, without risk.

For example, assume Bitcoin’s price was $60,000, and the trader entered $59,000 as their open price, and $61,000 as their stop/loss. If the price fell to $59,000, the trade would be opened, but the price would immediately be below the trader’s stop-loss, triggering an immediate exit.

Under normal circumstances, this should result in exactly $0 in profit for the trader. However, since the stop-loss price of $61,000 was set as the protocol’s “current price”, the system record $2000 in profit for the user.

Fixing The Bugs

If an attacker did enough trades of the like with high enough stop/loss numbers, he could entirely drain the protocol of its funds. While the protocol did contain a check to stop those trying to set their stop-loss above their buy-order open price, other exploits were found allowing attackers to bypass the check.

Using certain figures, Zellic said traders could have scored a guaranteed profit of 900%.

This particular bug was only found within a fork of Gains Network, rather than Gains itself. However, Zellic also found a bug that impacted a previous version of the actual Gains protocol, letting traders profit 900% on sell orders.

Zellic informed multiple teams managing Gains forks including Gambit Trade, Holdstation Exchange, and Krav Trade of the vulnerabilities, and all have ensured that their protocols are no longer vulnerable. Other forks, it warned, could still be at risk of loss.

Read the full article here

Related posts
Crypto

'Fundamental Shift' in Traditional Bitcoin Market Cycle May Be on the Horizon

1 Mins read
Bitcoin’s bull market cycle is accelerating, CoinMarketCap says. It’s running 100 days ahead of its typical four-year cycle. This raises the possibility…
Crypto

FTX/Alameda Unstakes Over $1B in Solana – Is a Major Price Shift Coming?

1 Mins read
FTX/Alameda has unstaked over $1 billion in Solana (SOL), raising concerns about potential market impact. Despite this, SOL remains resilient, trading near…
Crypto

Man Utd launch Player Trading Cards digital collectibles and Fantasy United game | 31 July 2024

1 Mins read
Ronan Joyce, director of digital innovation at Manchester United, said: “Player Trading Cards allows United fans to collect the whole men’s first…
Get The Latest News

Subscribe to get the top fintech and
finance news and updates.

Leave a Reply

Your email address will not be published. Required fields are marked *