Thirdweb: There is a security vulnerability in a commonly used open source library. Contracts created on the platform before November 23 need to take
Thirdweb, a Web3 developer platform, posted on X platform that they discovered a security vulnerability in commonly used open source libraries in the Web3 industry at 10:00 on November 21st Beijing time. This will affect various smart contracts in the Web3 ecosystem, including some pre-built smart contracts by Thirdweb. According to investigations so far, this vulnerability has not been exploited in ThirdWeb smart contracts. However, smart contract owners must take mitigating measures for certain pre-built contracts created on ThirdWeb before 11:00 on November 23rd Beijing time. Affected pre-built contracts include but are not limited to DropERC20, ERC721, ERC1155 (all versions), and AirdropERC20.
Thirdweb stated that the top priority is to protect affected customers from this vulnerability. If contract builders deployed one of these pre-built smart contracts using Thirdweb's dashboard or SDK before 11:00 on November 23rd Beijing time, they need to take some steps to mitigate potential exploitation of this vulnerability. In most cases, mitigation measures will involve locking the contract, taking a snapshot, and migrating to a new contract without known vulnerabilities.
It should be noted that if the contract builder's holder has locked tokens in any liquidity or staking pool, they should withdraw these tokens before starting these steps. Otherwise, the contract builder will not be able to distribute new tokens to these users. In addition, contract builders should use http://revoke.cash to request that their users revoke approval for all ThirdWeb contracts. The team has successfully launched remedial measures for all affected pre-built contracts created for Thirdweb after 11:00 on November 23rd Beijing time. All other ThirdWeb services, including wallets, payments, and infrastructure services, are not affected and operate as usual.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
XLM, UNI and AAVE gain double-digits as BTC reclaims $94k
Bitcoin’s metrics suggest bull market is far from overvalued
Jim Cramer, Known for His Wrong Comments, Shared His Last Opinion on Bitcoin and Cryptocurrencies
Jim Cramer, who is the butt of jokes in the cryptocurrency world with his predictions, has made new comments about Bitcoin. Here is everything he said.