Poolz suffers from arithmetic overflow attack, losing $665,000 across multiple chains.
Recently, multiple Poolz projects on various blockchain networks were attacked by hackers, resulting in the theft of a large number of tokens, with a total value of approximately $665,000. This attack mainly occurred on chains such as Ethereum, BNB Chain, and Polygon.
The attacker exploited an arithmetic overflow vulnerability in the Poolz smart contract. Specifically, the issue lies in the getArraySum function used within the CreateMassPools function. This function accumulates values by iterating over the _StartAmount array but does not check for overflow. The attacker constructed an array containing extremely large values, so that the cumulative result exceeded the uint256 range and wrapped around, ultimately producing a return value of 1.
The attack process is as follows:
First, the attacker exchanged some MNZ tokens on a DEX.
Next, the attacker called the CreateMassPools function, passing in carefully crafted parameters. Although only 1 token was actually transferred, _StartAmount recorded a huge value.
Finally, the attacker withdrew funds through the withdraw function, completing the attack.
The incident involved multiple tokens, including MEE, ESNC, DON, ASW, KMON, POOLZ, etc. The largest loss was for the ASW token, exceeding 2 billion tokens.
To prevent such issues from occurring again, it is recommended that developers use a newer version of the Solidity compiler, which has built-in overflow checking functionality. For projects using older versions of Solidity, it may be advisable to incorporate OpenZeppelin's SafeMath library to handle integer overflow issues.
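The summation flaw and the recommended fix, side by side, as an added sketch that is not the Poolz source code. It assumes pool creation pulls the summed amount from the caller and records each array entry per pool; apart from getArraySum, CreateMassPools and _StartAmount, every name here is hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration; not the Poolz contract. IERC20Like, poolStartAmount,
// poolCount and getArraySumWrapping are hypothetical names.
interface IERC20Like {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

contract MassPoolSumExample {
    mapping(uint256 => uint256) public poolStartAmount; // amount recorded per pool
    uint256 public poolCount;

    // Reproduces pre-0.8 arithmetic: inside `unchecked` the sum wraps
    // modulo 2**256, so the total can be far smaller than a single element.
    function getArraySumWrapping(uint256[] memory _array) public pure returns (uint256 sum) {
        unchecked {
            for (uint256 i = 0; i < _array.length; i++) {
                sum += _array[i];
            }
        }
    }

    // Solidity >= 0.8 default: `+=` reverts with Panic(0x11) on overflow.
    // On older compilers the equivalent is SafeMath: sum = sum.add(_array[i]).
    function getArraySum(uint256[] memory _array) public pure returns (uint256 sum) {
        for (uint256 i = 0; i < _array.length; i++) {
            sum += _array[i];
        }
    }

    // The amount transferred in and the amounts recorded per pool are derived
    // from the same array, so they only stay equal if the sum cannot wrap.
    function createMassPools(IERC20Like token, uint256[] calldata _StartAmount) external {
        uint256 total = getArraySum(_StartAmount); // reverts instead of wrapping
        require(token.transferFrom(msg.sender, address(this), total), "transfer failed");
        for (uint256 i = 0; i < _StartAmount.length; i++) {
            poolStartAmount[poolCount++] = _StartAmount[i];
        }
    }
}
```

When auditing a contract compiled with a pre-0.8 compiler, treat every `+`, `-` and `*` on user-supplied values as behaving like getArraySumWrapping unless it goes through SafeMath.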
This attack once again reminds DeFi projects of the importance of smart contract security. Even seemingly simple arithmetic operations, if mishandled, can lead to serious security vulnerabilities. Project teams should place greater emphasis on code audits and take necessary security measures to protect user assets.