BlockSec 警告:NBA NFT 合约存在漏洞,致非白名单用户可铸造
链捕手消息,BlockSec 告警系统发现 NBA NFT 合约存在漏洞,合约中的 verify 函数没有对发送者地址进行确认,导致非白名单用户可以通过复制白名单用户的签名进行铸造,目前已有攻击者(地址为:0x4E8D918118e00F049712BB8DA2B42088909eEEe7)铸造了 100 枚 NFT 并在 OpenSea 上进行出售。
(来源链接)
ChainCatcher reminds readers to view blockchain rationally, enhance risk awareness, and be cautious of various virtual token issuances and speculations. All content on this site is solely market information or related party opinions, and does not constitute any form of investment advice. If you find sensitive information in the content, please click "Report", and we will handle it promptly.
