Someone has taken advantage of the cryptocurrency exchange FTX’s readiness to pay its customers’ blockchain transaction costs.
This is an uncommon occurrence. It only occurred because a newly introduced coin called XEN is free to mint so long as the transaction fees of the underlying network are paid. A user was able to deceive FTX’s systems into paying the transaction fees on their behalf, as opposed to themselves.
FTX performs free ETH withdrawals and pays transaction fees on behalf of its customers from its own hot wallet address.
The user caused this by withdrawing coins to a smart contract function rather than a standard crypto address. X-Explore informed The Block that this contract was meant to loop the minting process and transfer the tokens to the user’s address.
The individual was able to conduct the operation partly because FTX permits customers to utilise up to 500,000 gas units for Ethereum withdrawal requests. Complex on-chain actions, such as invoking smart contract functions, incur extra costs, which were paid by FTX in this instance. FTX imposes no gas limits on transactions and does not charge withdrawal fees.
According to researchers, the exchange failed to identify that it was minting XEN tokens on the user’s behalf, mistaking them for normal withdrawal requests.
The results of X-Explore were confirmed by the blockchain security company BlockSec. BlocSec informed The Block that its independent study revealed FTX exchange paid more than 100 ether ($120,000) for the minting of XEN tokens by a user.
Disclaimer: The information provided in this article is for informational purposes only and should not be construed as financial or investment advice. Cryptocurrency investments are subject to market risks, and individuals should seek professional advice before making any investment decisions.