Uniswap Cross-Chain Collaboration Raises Concerns: LayerZero Founder Steps In to Debug, Unveiling Security Issues as Pandora's Box
Earlier, we reported that Uniswap has launched its built-in cross-chain bridge, developed in collaboration with the cross-chain protocol Across Protocol. However, Bryan Pellegrino, the founder of the LayerZero interoperability protocol, recently pointed out publicly on Twitter that there is a code vulnerability in Across Protocol. Although Hart Lambur, the founder of Across Protocol, responded to the post, the issue remains unresolved.
Bryan Pellegrino stated that due to the vulnerability in Across Protocol, the private function used by OpenZeppelin to destroy ERC-20 tokens has been exposed. OpenZeppelin’s open-source contract library is considered an industry standard and has collaborated with the Ethereum Foundation, Coinbase, Optimism, AAVE, Compound, Polkadot, and Uniswap.
Bryan Pellegrino pointed out that this vulnerability allows Across Protocol to freely withdraw tokens from any wallet, zero out tokens from any account at any time, and create risks of malicious liquidation. He also stated that Across Protocol, owned by Hart Lambur, and the UMA token can effectively issue an infinite number of tokens. Interestingly, Hart Lambur criticized the issue of infinite token issuance just last week.
Bryan Pellegrino also provided a solution to this vulnerability, stating, “To fix this problem without reissuing tokens: transfer contract ownership to a new smart contract that restricts the total token supply and prohibits excessive issuance and destruction operations. Since this is a permanent vulnerability, the new contract must be immutable and should not include any ownership transfer functionality.”
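One way the owner contract described in the quoted fix could look, as an added example that is not code from Across Protocol, UMA, OpenZeppelin or Bryan Pellegrino. The token interface (`IOwnedToken` with an owner-only `mint`), the `SupplyCapGuard` name and the fixed `minter` address are assumptions, since the page does not show the token's code.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Assumed interface: the page does not show the token's code, so this
// owner-only mint function is a hypothetical stand-in.
interface IOwnedToken {
    function totalSupply() external view returns (uint256);
    function mint(address to, uint256 amount) external; // assumed owner-only
}

/// Hypothetical guard intended to be set as the token's owner.
/// It has no admin, no upgrade path and no way to hand ownership onward.
contract SupplyCapGuard {
    IOwnedToken public immutable token; // token whose ownership is moved here
    address public immutable minter;    // fixed at deployment, cannot be rotated
    uint256 public immutable maxSupply; // hard cap, cannot be raised

    error NotMinter();
    error CapExceeded(uint256 requested, uint256 remaining);

    constructor(IOwnedToken token_, address minter_, uint256 maxSupply_) {
        require(address(token_) != address(0), "token is zero address");
        require(minter_ != address(0), "minter is zero address");
        require(token_.totalSupply() <= maxSupply_, "cap below current supply");
        token = token_;
        minter = minter_;
        maxSupply = maxSupply_;
    }

    /// The only owner-level action this contract forwards: minting under the cap.
    function mint(address to, uint256 amount) external {
        if (msg.sender != minter) revert NotMinter();
        uint256 supply = token.totalSupply();
        uint256 remaining = supply >= maxSupply ? 0 : maxSupply - supply;
        if (amount > remaining) revert CapExceeded(amount, remaining);
        token.mint(to, amount);
    }

    // Deliberately absent: any burn or burnFrom forwarding, transferOwnership,
    // renounceOwnership, and generic call forwarding. Once the token's owner
    // is this contract, owner-only burning of other holders' balances is
    // unreachable and total supply cannot be pushed past maxSupply.
}
```

Before relying on such a guard, a reviewer would confirm on-chain that the token's owner is the guard's address and that the guard's verified source contains no path to the token's other owner-only functions.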
In response to this vulnerability, Hart Lambur commented that it is dishonest FUD (Fear, Uncertainty, Doubt) and pointed out that Across Protocol’s contract has been audited by OpenZeppelin. Bryan Pellegrino questioned Hart Lambur’s understanding of the code and stated that contract audits cannot solve the problem. He even challenged Hart Lambur to a highest-level debugging bet worth one million pounds, stating that if he is proven wrong one day, he will donate the money to the community.
However, Hart Lambur insists that there is no such vulnerability in Across Protocol. Nevertheless, in the spirit of decentralization, he initiated a community governance vote to fix the total token supply of Across Protocol at 1 billion tokens. In response to Bryan Pellegrino’s continued inquiries, Hart Lambur stated directly that the issue has been resolved. The conversation ended there.