The National Basketball Association (NBA) revealed pausing minting of its new non-fungible token collection, dubbed – The Association – after a major loophole was detected by BlockSec. Less than a day after the league announced the minting of its Ethereum-based non-fungible token (NFT), it recognized the issues with the smart contract that triggered the “Allow List” supply to sell out prematurely.
Defectul
Blockchain security firm, BlockSec revealed identifying a serious vulnerability that could have allowed a malicious entity to mint a large number of NFTs, without paying any tokens. According to the official blog, the company said the main reason behind the flaw is the incorrect use of signature verification.
This essentially means that the contract fails to ensure that the signature can only be used by the user (and only the user) once. The vulnerability also allowed the attacker to reuse a privileged user’s signature and mint tokens to themselves.
Compania a declarat,
“We are surprised that how such a vulnerability can exist in a popular NFT project. The whole community needs to pay more attention to the security of the contract.”
The attacker reportedly managed to mentă 100 NFTs and sell them on the OpenSea marketplace. The latest development depicts, once again, the necessity of evaluating the security of a smart contract.
Utilizator Twitter a spus,
“What’s even more hilarious about this NBA Associated NFT is it’s called V2 on OpenSea. Which means they created a contract, found an error and then released V2 with still the most basic exploit possible in it. Whoever at the NBA choose this partnership needs to be fired.”
The NFT Collection
The NBA had first unveiled the launch of its Web 3 project – “The Association” – which involves 18,000 non-fungible tokens representing all 240 assigned NBA players in this year’s playoffs. Furthermore, 75 NFTs are allocated randomly using Chainlink VRF to each player from the 16 participating teams.
Leveraging Chainlink oracles will allow each player’s NFT appearance to alter automatically. The dynamic NFTs will change in appearance based on the performance of the players. In short, more accomplishments during the 2022 NBA playoffs mean players will see more visual changes in their digital collectibles, throughout the course of the postseason tournament.
Binance gratuit 100 USD (exclusiv): Utilizați acest link pentru a vă înregistra și a primi 100 USD gratuit și 10% reducere la taxe la Binance Futures prima lună (termeni).
Ofertă specială PrimeXBT: Utilizați acest link pentru a vă înregistra și introduce codul POTATO50 pentru a primi până la 7,000 USD din depozitele dvs.
Source: https://cryptopotato.com/nba-pauses-minting-of-the-association-nft-collections-after-spotting-serious-vunerability/