Alarm Clock Ethereum Smart Contracts Exposed to Exploitation
PeckShield, a blockchain security startup, has announced a new transaction fee refund vulnerability in the Ethereum Alarm Clock project's TransactionRequestCore smart contract.
Hackers made about 24 attempts to steal from people who had initiated a transaction, using the cancel feature just before go time.
The caller was charged a far higher transaction fee than the original transaction’s owners would have paid for a refund.
To reimburse the owner, the cancel method calculates their actual gas bill and adds a fixed sum of $85,000 to it.
This means the hacker may get a refund larger than the transaction charge without spending more than $70,355 in gas.
pyggie9, a Twitter user, tweeted: The trick is to contact in with a gas price that’s so high that the massive refund eats up the remainder of the contract and leaves nothing but a trace of dust.
PeckShield estimates that 51% of the overstated refund is sent to miners as profit, raising their MEV.
The security firm Supremacy Inc. reports that hackers have successfully stolen 204 ETH.
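The refund arithmetic described above can be modelled in a few lines. This is an added example, not code from the Ethereum Alarm Clock project or from PeckShield; it assumes the article's 85,000 and 70,355 figures are gas units, and the measured gas value, the deposit, the price cap and the `flag_cancels` check are hypothetical, constructed for illustration.

```python
# Added illustration: a simplified model of the refund arithmetic, not the EAC contract's code.
from dataclasses import dataclass

OVERHEAD_GAS = 85_000     # fixed amount added by cancel (article's figure, read as gas units)
ACTUAL_GAS_MAX = 70_355   # most the caller really spends (article's figure, read as gas units)
GWEI = 10**9

@dataclass
class Outcome:
    refund_wei: int         # paid to the caller out of the owner's deposit
    caller_cost_wei: int    # fee the caller actually paid the network
    deposit_left_wei: int   # what remains for the transaction owner

    @property
    def overpayment_wei(self) -> int:
        return self.refund_wei - self.caller_cost_wei

def cancel_refund(deposit_wei, gas_price_wei, measured_gas, price_cap_wei=None):
    """price_cap_wei=None models the uncapped refund; a cap is a hypothetical mitigation."""
    price = gas_price_wei if price_cap_wei is None else min(gas_price_wei, price_cap_wei)
    owed = (measured_gas + OVERHEAD_GAS) * price
    refund = min(owed, deposit_wei)   # the contract cannot pay out more than it holds
    return Outcome(refund, ACTUAL_GAS_MAX * gas_price_wei, deposit_wei - refund)

def flag_cancels(cancels, scheduled_price_wei, factor=10):
    """Monitoring check: cancel calls priced far above the scheduled gas price."""
    return [tx_id for tx_id, price in cancels if price > factor * scheduled_price_wei]

if __name__ == "__main__":
    deposit, scheduled = 10**18, 50 * GWEI          # constructed sample values
    for price in (50 * GWEI, 10_000 * GWEI):
        for cap in (None, scheduled):
            o = cancel_refund(deposit, price, 20_000, cap)
            print(price // GWEI, "gwei", "capped" if cap else "uncapped",
                  "overpayment:", o.overpayment_wei, "left:", o.deposit_left_wei)
```

With the refund priced at the caller's own gas price, the overpayment grows with that price until the deposit is exhausted; capping the refund price at the scheduled price makes an inflated cancel call a net loss for the caller.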
The term “miner extractable value” describes the profit that may be extracted from a blockchain when miners arrange transactions in blocks. Splitting the roles of proposer and block-builder is widely acknowledged as a means to increase MEV returns. In the Ethereum Virtual Machine, a proposer may profit handsomely by allocating blockspace to a group of trustworthy block builders.
The Ethereum Alarm Clock (EAC) project lets Ethereum transactions be set to execute at a later time. People or smart contracts may schedule transactions. The EAC also makes it possible for TimeNodes to initiate transactions at certain times.