DeFi Security Firm Dedaub Discloses Uniswap Vulnerability


Uniswap's new bug bounty program was a resounding success: it uncovered and resolved an existing vulnerability in the Universal Router smart contract.

The two new smart contracts, Permit2 and Universal Router, were published in November 2022. By sharing and managing token approvals, the Permit2 smart contract gives applications access to a range of secure authorization capabilities. Universal Router, on the other hand, combines ERC-20 and NFT transactions into a single swap router, giving Uniswap a more efficient way to trade between different kinds of cryptocurrency.

With the introduction of these new smart contracts, Uniswap also announced a bug bounty program that would help the platform detect any potential vulnerabilities. As the digital currency and blockchain marketplace continues to evolve, bug bounties have become a means for businesses to ensure that their software, systems and critical infrastructure are secure.

Security audit firm Dedaub was one of the first to receive a sizable reward for identifying a vulnerability in the Universal Router smart contract. The vulnerability could allow reentrancy partway through a transaction's execution, which threat actors could then exploit to drain funds from a portfolio.

Dedaub says the Universal Router lets users perform multiple actions at once, such as swapping multiple tokens and NFTs in a single transaction. The router's embedded scripting language supports a wide range of token operations, including transfers to external recipients. As the transaction executes step by step, those funds are paid out immediately, provided the transaction meets the criteria set in the smart contract's parameters.

By design, this means that third-party code invoked in the course of a transfer could re-enter the Universal Router and manage or withdraw tokens that the smart contract holds temporarily. This prompted the Dedaub whitehats to recommend a fix to Uniswap, which involved patching the smart contract with a reentrancy lock on the Universal Router's core execution module.
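The reentrancy path and the lock described above, as a simplified Python model added here for illustration. It is not Uniswap's or Dedaub's code; the `Router` and `UntrustedRecipient` classes, the command names (`DEPOSIT`, `TRANSFER_NFT`, `SWEEP`) and the token amounts are assumptions.

```python
# Simplified model, constructed for illustration (not Uniswap's or Dedaub's code).
class ReentrancyError(Exception):
    """Raised when execute() is entered while an earlier call is still running."""


class Router:
    def __init__(self, guarded):
        self.guarded = guarded   # True models the contract with the lock
        self._locked = False
        self.held = 0            # tokens the router holds mid-transaction
        self.paid = {}           # recipient name -> tokens received

    def execute(self, commands):
        if self.guarded and self._locked:
            raise ReentrancyError("execute() re-entered during a transfer")
        self._locked = True
        try:
            for op, *args in commands:
                if op == "DEPOSIT":         # user funds enter the router
                    self.held += args[0]
                elif op == "TRANSFER_NFT":  # hands control to recipient code
                    args[0].on_received(self)
                elif op == "SWEEP":         # pay out everything still held
                    name = args[0]
                    self.paid[name] = self.paid.get(name, 0) + self.held
                    self.held = 0
        finally:
            self._locked = False


class UntrustedRecipient:
    """Recipient whose receive hook calls back into the router."""
    def on_received(self, router):
        router.execute([("SWEEP", "recipient")])


def run(guarded):
    """Run one batch; return (reverted, payouts recorded by the router)."""
    router = Router(guarded)
    batch = [("DEPOSIT", 100),
             ("TRANSFER_NFT", UntrustedRecipient()),
             ("SWEEP", "user")]
    try:
        router.execute(batch)
        reverted = False
    except ReentrancyError:
        reverted = True   # on-chain, a revert undoes the whole batch
    return reverted, router.paid
```

Without the lock, the nested `SWEEP` runs before the user's own and takes the held balance; with the lock, the nested call is rejected and the batch reverts with no payout.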

Uniswap quickly awarded the Dedaub team $40,000 for their prompt disclosure. Uniswap rated the problem as medium severity, while a further vulnerability assessment identified a low-risk, high-impact scenario. Dedaub confirms that the attack vector may be considered end-user error, as the scenario would only occur if a user sends NFTs directly to an untrusted recipient.