- Security researcher Jinu uncovered a critical vulnerability in Virtuals Protocol related to token pair creation on Uniswap V2.
- Virtuals Protocol swiftly patched the issue and announced plans for a bug bounty program to enhance security.
Jinu, a security researcher, recently discovered a significant weakness in the Virtuals Protocol smart contract system, specifically the production of token pairs on Uniswap V2. This problem resulted from an Agent Token.sol contract fault lacking validation to search for current pairs on the factory contract of Uniswap V2.
Without this vital protection, malevolent individuals may have manufactured token pairings ahead of time, therefore compromising the legitimacy of the platform and possibly upsetting next token releases. Virtuals Protocol responded to this information by swiftly putting out a patch.
Thank you @lj1nu for bringing this to our attention – a patch has been pushed.
Security is of the utmost importance to us – we’re working on a bug bounty program and will announce full details soon. https://t.co/O0Axqlio8h
— Virtuals Protocol (@virtuals_io) January 3, 2025
Virtuals Protocol: Strengthening Security Through Validation and Collaboration
The team acted forcefully by including Agent Token.sol contract validation procedures. By ensuring that current pairs are correctly validated before any new ones are generated, these improvements essentially close the problem. Virtuals Protocol also released thorough details on the improvements on sites like BaseScan and GitHub to support openness.
Virtuals Protocol also announced intentions to reopen its bug bounty program in order to encourage next security research. The team wants to involve the larger cybersecurity community in platform protection by rewarding vulnerabilities found and reported upon.
The company is now evaluating suitable compensation for the researcher’s work, as Jinu’s essential contribution in revealing this problem has been acknowledged. This proactive approach not only emphasizes Virtuals Protocol’s will to upgrade its security system but also establishes a standard for openness and teamwork within the blockchain community.
Still, this event happened amid notable activity involving the native crypto of the platform, VIRTUAL. Previously, in a public action, the suspected Virtuals Protocol official address withdrew 4 million VIRTUAL tokens from its liquidity pool wallet.
Notably, as we previously noted, on-chain movements were highlighted when one million VIRTUAL coins were moved to a Bybit deposit address shortly following the withdrawal.
Meanwhile, at the time of writing, the VIRTUAL token was swapped hands at about $4.22, up 20.13% over the last 7 days and 165.28% over the last 30 days.
Credit: Source link
