As hackers exploited a flaw in the Safemoon token liquidity pool's smart contracts on Wednesday, the pool lost approximately $9 million worth of tokens.
Blockchain data reveals that a number of tokens were exchanged in a single transaction early on Wednesday, leading to the attacker's theft of billions of Safemoon's SFM tokens that were locked on an LP. A collection of tokens secured by a smart contract makes up a liquidity pool. Without the use of intermediaries, decentralized lending, borrowing, and trading between users is made possible through liquidity pools.
SFM tokens for Safemoon experienced a 40% decline in early Asian hours before somewhat recovering at the time of writing. Fee reflection, LP acquisition, token burn, and growth fund are the four activities that Safemoon, a decentralized finance (DeFi) token, performs throughout each trade. As a result, Safemoon has become one of the top gainers in the 2021 bull market.
Developers of Safemoon reported a compromise with their liquidity pair (LP) on Wednesday. We regret to notify you that the integrity of our LP has been compromised. Developers wrote, "We are moving quickly to address the issue as soon as feasible.
In a subsequent tweet, Safemoon CEO John Karony explained that the exploit was exclusive to one LP on the BNB Chain. "Let me be clear: Our DEX is secure. The SFM:BNB LP pool was ultimately impacted by this, according to Karony. In order to ascertain the specific nature and scope of the alleged attack, a chain forensics consultant has been hired. We have also patched the vulnerability.
A flaw in the burn feature of Safemoon's smart contracts was cited by some developers as a major factor in the vulnerability. The Dappd CEO DeFi Mark tweeted, "The attacker took use of the public burn function. This function let any user burn tokens from ANY other address (code attached)."