OpenSea launches new system to protect against recent bug

NFT (non-fungible token) marketplace OpenSea has launched a new system that will help users clear out unclaimed sale offers, set to roll out over the next two weeks.

In an announcement post, CEO Devin Finzer described the changes as made to “ensure old, inactive listings expire”, reports The Verge.

The move comes after a bug that allowed attackers to exploit old contracts to buy tokens for hundreds of thousands of dollars below market price.

In one particularly attention-getting case in January, a Bored Ape Yacht Club token was purchased for less than $2,000 and resold immediately for over $192,000.

The bug was a result of how OpenSea’s platform interacts with the Ethereum blockchain, often saving gas fees by listing offers locally rather than coding them into the broader chain.

An oversight in that system allowed old contracts to sometimes linger on the blockchain without appearing in the OpenSea interface, the report said.

By making offers against those contracts, which were often years old, attackers could take advantage of badly out-of-date prices — usually taking token-owners by surprise, it added.

As described by OpenSea, the new system will enable users to cancel all unfilled contracts while incurring only minimal gas fees.

A separate change looks to make signatures clearer, hopefully preventing users from mistaking contract terms in the future.

The new system is expected to take 15 days to fully roll out, at which point users will be invited to switch their accounts onto the new system, the report mentioned.




Please enter your comment!
Please enter your name here