An infinite mint attack occurs when an unwanted entity or hacker mints an absurd ("infinite") amount of tokens within a protocol.
An infinite mint attack occurs
when an unwanted entity or hacker mints an absurd amount of tokens
within a protocol, increasing its supply to an unhealthy amount, which debases the value of each token. Attackers would often proceed to dump all the minted tokens on the market and cause the price to crash. The process typically unfolds swiftly, with attackers taking home millions of dollars worth of tokens.
systems are vulnerable to this type of attack mainly because of security lapses, which allow hackers to exploit bugs and other code vulnerabilities. In the Cover Protocol attack
, hackers exploited shield mining contracts, which enabled them to gain unauthorized crypto rewards from the protocol.
The hacker managed to exploit 40 quintillion tokens on the Cover staking pool, causing its token price to plummet by 97%. In this case, the attacker liquidated more than 11,700 coins via 1inch
and stole around $5 million worth of tokens.
The best prevention for infinite mint attacks is a series of smart contract audits from various firms. However, audits do not guarantee that a protocol is completely secure.