2023-04-10
Sushiswap is a decentralized exchange
that allows users to swap tokens, provide liquidity and earn rewards. It is
based on the Ethereum blockchain and uses an automated market maker (AMM) model
to facilitate trades. Sushiswap also has a governance token called SUSHI, which
gives holders a say in the development and direction of the platform. 1,800 ETH
worth over $3.3 million has been hacked from the platform. SushiSwap's head developer Jared Grey
said that the exploit happened because Sushi's RouteProcessor2 contract has an
approval bug.
A computer exploit or an exploit is an
attack on a computer system that take advantage of vulnerability of the system.
The vulnerability in SushiSwap happened in an authorization bug in the
RouterProcessor 2 contract. On April 9, the attacker used the “yoink” function
that was a bug in the “approve” mechanism of the SushiSwap rounter contract
that led to the loss of $1,800 ETH.
According to MetaSleuth the hacker took 1,800 ETH.
PeckShield Inc. reported that
RounterProcess2 contract has an approve-related bug, which led to the loss
of $3.3 million (1,800 ETH).
SushiSwap's head developer Jared Grey said that the exploit happened because Sushi's RouteProcessor2 contract has an approval bug.
