ERROR IN THE BINANCE TOKEN CODE ALLOWS TO ALTER YOUR LIQUIDITY

in #crypto6 years ago

HELLO FRIEND OF THE COMUNITY!!!! H R Y???? 


An engineer from the aggregator of decentralized bureaux de change Totle found an error in the code of the BNB token, from the Binance Asian exchange house. This was announced by the Uniswap team through a series of tweets published from their official account in the social network.

According to the Uniswap report, this is a variation of the "missing return value" error, which affects several tokens created from Ethereum's ERC-20 protocol. This makes it possible to "add liquidity to the Uniswap BNB <> ETH liquidity fund, but not eliminate it," Uniswap said.


Given that Uniswap supports custom interchange contracts, its services have been suspended for BNB, in order to prevent the possibility of the error being exploited by taking advantage of its decentralized exchange platform.

An attacker could increase the liquidity of his BNB purse and create an intelligent contract to try to liquidate these anomalous currencies to ETH, so developers have preferred to suspend their service with the token.


Recall that, according to what was said by Uniswap, the error allows adding liquidity, which was demonstrated by a Totle engineer, who blocked about 2,000 dollars in BNB added to the pool of liquidity of Uniswap, before they suspended the service.


The missing or undefined return value failure has already been investigated in the ecosystem. In fact, up to 130 tokens, created from Ethereum's ERC-20 protocol, have this error, including OmiseGo. "This could mean that the tokens that are sent to a contract of this type will stay there forever, even if the contract has a function to transfer the ERC20 token," researcher Lucar Kremer wrote on the subject.


Currently, Binance is one of the largest volume exchange houses, although it offers only pairs of cryptocurrencies, in addition to its own token, BNB, through which users of the platform can carry out their exchange operations in a more efficient manner fast.



What makes the Binance error so obviously bad is that the transferFrom () function has a return value, but the transfer () function does not. This means that contracts that expect return values can take BNB out of your account, but can not transfer them back.  "Uniswap"



FOLLOW ME IN: @desocrates