Exchanges suspend ERC20 deposits after they have discovered a bug in smart contracts!!!!

There are all sorts of bugs in smart éteréum contracts. Exchanges including Okex, Poloniex, Coinone, and Hitbtc have suspended ERC20 deposits today after they have discovered a whole bunch of bugs in smart contracts that govern multiple coins. The news comes in the same week that the ethereum community voted not to recover the lost ethers that were stuck in the Smart Parity contract last year, all due to a bug.

Ethereum is struggling with an annoying bug

It's harder than it seems to create ERC20 tokens, that is, the ethereum protocol that does not have bugs that can be exploited. At the beginning of the year, researchers claimed to have found 34,000 smart contracts that are vulnerable to bugs. A post on a blog has closely studied one of these situations - a whole bunch of bugs that affect smart ERC20 contracts. His discovery is serious enough to make Okex say he will suspend the ERC20 deposit.

"We are suspending the ERC20 Token Deposits because a new Batchoverflow bug has been discovered. By exploiting this bug, attackers can generate a large number of coins and store them in a normal address. This makes ERC20 tokens vulnerable to attacks and price manipulation. To protect the public interest, we have decided to suspend the ERC20 coins until the issue is resolved. We also contacted affected coin teams to investigate and take the necessary steps to prevent the attack. "

Many other exchanges took the example of Okex.

Bugs hunt is a continuous fight

The ability of attackers to steal, freeze or clone ERC20 coins is a nightmare scenario for any projects that build on the ethereum protocol, but also for existing coins. Teams will study the code more closely to eliminate vulnerabilities.

One of the affected coin is Smartmesh (SMT), a currency traded on Huobi, Gate.io, Bitbtc and Okex. It's a smart contract that now shows fragile exploitation signs with a balance and a 30-digit value. Hundreds of millions of SMTs have been transferred from the Smartmesh contract in the last 24 hours.

The blog post published on April 22 also identifies Beautychain, which would have fallen prey to the same exploit. The author writes:

"We run systems to scan and analyze other contracts. Our results show that more than 12 contracts are also vulnerable to batchoverflow. To prove, we traded with a vulnerable contract (not traded on any exchange) as a exploit proof-of-concept. "

While the ERC20 tokens that were exploited seem to include less known currencies, the risk of the bug occurring is not limited to these projects. If attackers can make chips out of nothing, they can trade them for exchange for ehtereum and bitcoin. This has the potential to affect the price of these assets and to affect confidence in the ethereum ecosystem in particular.

The war for the next generation of blockchains has fought off and competitors like EOS are ready to launch.

More dettails you can find:
https://www.ccn.com/erc20-bug-allows-attackers-to-print-some-tokens-out-of-thin-air-researchers-claim/
https://thenextweb.com/hardfork/2018/04/25/ethereum-smart-contract-integer-overflow/
https://news.bitcoin.com/exchanges-suspend-erc20-token-deposits-after-discovery-of-smart-contract-bug/