Poolz suffers from an arithmetic overflow attack, losing $665,000.
Poolz suffers an attack resulting in a loss of approximately $665,000
Recently, an attack on Poolz has garnered widespread attention from the cryptocurrency community. According to on-chain data, the attack occurred on March 15, 2023, involving multiple networks such as Ethereum, BNB Chain, and Polygon. The attackers exploited an arithmetic overflow vulnerability in the smart contract, successfully stealing a large number of tokens with a total value of nearly $665,000.
This attack involved multiple tokens, including MEE, ESNC, DON, ASW, KMON, POOLZ, and others. Some of the tokens obtained by the attackers have been exchanged for BNB, but as of now, these funds have not been transferred.
The attack process is mainly divided into three steps:
The attacker first exchanged a certain amount of MNZ tokens through a decentralized exchange.
Subsequently, the attacker called the CreateMassPools function. This function was supposed to allow users to create liquidity pools in bulk and provide initial liquidity. However, the getArraySum function has an arithmetic overflow issue, which the attacker was able to exploit. Specifically, the _StartAmount array passed by the attacker contained values whose sum exceeded the uint256 limit, so the accumulated result overflowed and the final return value was 1. This allowed the attacker to transfer just 1 token while the system recorded liquidity far exceeding the amount actually deposited.
This incident once again highlights the importance of smart contract security, especially the caution needed when handling large numerical calculations. To prevent similar issues, developers should consider using newer versions of the Solidity programming language, in which the compiler automatically inserts overflow checks so that an overflowing operation reverts instead of wrapping around. For projects using older versions of Solidity, it is recommended to adopt the SafeMath library provided by OpenZeppelin to prevent integer overflow issues.
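The wrapped sum in getArraySum and the checked-arithmetic fix recommended above, modelled in Python as an added example (this is not Poolz's contract code). The Python function names, the simplified pool-recording flow and the sample amounts are assumptions made for illustration.

```python
# Added illustration: models EVM uint256 arithmetic; not the Poolz contract.
UINT256_MAX = 2**256 - 1


class Overflow(Exception):
    """Stands in for the revert raised by checked arithmetic."""


def get_array_sum_unchecked(amounts):
    """Sum the way unchecked uint256 addition behaves: wrap modulo 2**256."""
    total = 0
    for a in amounts:
        total = (total + a) & UINT256_MAX
    return total


def get_array_sum_checked(amounts):
    """Same sum with the test SafeMath.add / newer Solidity applies."""
    total = 0
    for a in amounts:
        if a > UINT256_MAX - total:  # a + total would not fit in uint256
            raise Overflow("addition overflow")
        total += a
    return total


def create_mass_pools(start_amounts, sum_fn):
    """Hypothetical model of the bulk-create flow: the caller is charged the
    array sum, while each pool is recorded with its own stated amount."""
    for a in start_amounts:
        if not 0 <= a <= UINT256_MAX:
            raise ValueError("not a uint256 value")
    charged = sum_fn(start_amounts)   # tokens actually transferred in
    recorded = list(start_amounts)    # per-pool balances written to storage
    return charged, recorded


# Constructed input: two valid uint256 values whose true sum is 2**256 + 1.
SAMPLE_START_AMOUNTS = [UINT256_MAX, 2]

if __name__ == "__main__":
    charged, recorded = create_mass_pools(SAMPLE_START_AMOUNTS,
                                          get_array_sum_unchecked)
    print("unchecked: charged", charged, "recorded total", sum(recorded))
    try:
        create_mass_pools(SAMPLE_START_AMOUNTS, get_array_sum_checked)
    except Overflow as exc:
        print("checked: reverted,", exc)
```

Every element in the sample is a valid uint256; only the running total leaves the range, which is why input validation on individual amounts does not catch it and the check has to sit on the addition itself.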
This attack incident reminds us that in the rapidly evolving blockchain field, security is always the primary consideration. Project teams need to continuously review and update their security measures, while users should also remain vigilant and cautiously participate in various DeFi activities.