OpenSea Exploit Allows Undervalued Purchase of NFTs
The Intelligent Insurer #51 — Flaw introduced by high gas fees allows hackers to steal 332 ETH
OpenSea, the biggest marketplace for non-fungible tokens (NFTs), has suffered a vulnerability exploit that allowed hackers to buy some NFTs at extremely undervalued prices. The hackers sold them near their current market value within short periods, netting huge profits. Original owners of the NFTs were left stranded as panic spread through the platform.
In the latest Intelligent Insurer, we examine the details of the exploit, highlighting the conditions that made the exploit possible. We also consider what users can do to protect themselves from falling victim to situations like this in the future.
We would also like to announce that we will be hosting an AMA on Monday, 28th January, 2022, at 2000 (8PM) Singapore time. The AMA can be accessed from the Insured Finance Telegram group. We look forward to answering your questions and would love your feedback on our platform! Here are highlights of the progress we’ve made this week.
Insured Finance software development update
We continue to make rapid progress towards our mainnet release. This past week saw us deploy fixes to minor bugs and improve our platform’s functionality. Here are the highlights of the tasks we completed:
- We welcomed new team members onboard with a view to supporting a more extensive range of features our users demand. We’re excited to witness the inputs our new members will provide as our product depth grows!
- We deployed new features on our platform based on user feedback and continue to engage our community.
- We began research on claim assessment features and hope to implement this functionality shortly.
As we head into next week, we’re preparing to assess our current functionality and prioritize new features as our mainnet release draws closer. User security remains paramount in our minds as we continue to rigorously test our platform’s features. We’re excited about the progress we’ve made and are certain that our next gen digital asset insurance platform will provide our users with a great experience.
Our next goal is the mainnet release, which will happen within this quarter. Community members who want to get in touch with our dev team should feel free to contact our admins; we appreciate all feedback about our current beta version. We have already implemented community member suggestions to improve the functionality. We’ll take time to attend live calls with every community member who has suggestions to improve the current beta version.
Hackers exploit OpenSea bug multiple times
On Monday, January 24th, 2022, blockchain security company PeckShield reported that hackers made an illegal gain of 332 ETH by exploiting a front-end bug on OpenSea. A listing bug allowed hackers to buy NFTs at old, lower prices. After reselling them almost immediately for their actual market values, the hackers made near-instant profits.
PeckShieldAlert @PeckShieldAlert
It appears that @opensea has a front-end issue and the exploiter gained about 332 Ether etherscan.io/address/0xb1a2…
In one example, a Bored Ape Yacht Club NFT (BAYC) #9991 sold at 0.77 ETH ($1,800). The market price of this family of NFTs at the time was at least $198,000. In the space of minutes, the hacker resold the NFT for 84.2 ETH ($196,000), realizing a $194,000 profit.
The hacker behind this exploit, tagged jpegdegenlove, was also able to buy BAYC #8924 for 6.66 ETH and BAYC #8274 for 23 ETH. These are highly undervalued prices for both NFTs. Another hacker bought a Mutant Ape Yacht Club (MAYC) NFT for $10,600 and resold it for $34,800 a few hours later.
Twitter was aflame over these incidents, and a community of OpenSea users tried to discover how this exploit was possible. A user with the handle @yakirrotem eventually explained the situation. According to their detailed analysis, a bug exists on OpenSea that maintains old listings if a user does not delete them using the proper procedure. The bug will allow hackers to access old prices that are different from current ones.
OpenSea does not account for alternative user procedures
Listing on OpenSea costs creators gas fees that can run into the thousands of dollars, reducing profits. This becomes an issue when NFTs are relisted for sale. OpenSea recommends its users execute an on-chain transaction, invalidate the old listing, and validate the new one. However, many users balk at the high gas fees and prefer an off-chain transaction.
In this method, a user transfers the NFT to a new wallet and then transfers it back to their original wallet. On the front-end, the listing is updated with the new price. However, the old listing (with the old price) remains on the blockchain, accessible via OpenSea’s API. This is how the hackers accessed the older prices, resold the NFTs at the higher, newer price, and made away with huge profits in a matter of a few hours.
This is what occurred in the case of a user tagged @T_BALLER6, the original owner of BAYC #9991. The NFT was listed at 0.77 ETH a long time ago. A back and forth transfer between different wallets exposed the NFT to an exploit. This is a strange situation since OpenSea technically isn’t at fault. After all, users executing off-chain transactions weren’t following the recommended procedure.
OpenSea’s smart contracts cannot evaluate whether a new listing is an update of a previous existing one. Identifying this is up to the user and in this case, the off-chain method did not accomplish this task. One could argue that the users created this vulnerability for themselves. However, this assumes every OpenSea user is technically proficient in the way the blockchain works.
(Source: Twitter.com)
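The mismatch described above, between what the front end displays and what remains usable behind it, can be reproduced in a small model. This is an added example, not OpenSea's code: `ToyMarket`, `stale_listings` and the wallet and token names are hypothetical, the 0.77 ETH figure is the one quoted in the article, and the 90.0 ETH relisting price is constructed.

```python
from dataclasses import dataclass

@dataclass
class Listing:
    listing_id: int
    token: str
    seller: str
    price_eth: float
    cancelled: bool = False  # set only by an explicit cancellation

class ToyMarket:
    """Simplified model of the behaviour described above; not OpenSea's code."""
    def __init__(self):
        self.owner = {}     # token -> current holder
        self.listings = []  # every listing ever created, oldest first

    def list_for_sale(self, token, seller, price_eth):
        listing = Listing(len(self.listings) + 1, token, seller, price_eth)
        self.listings.append(listing)
        return listing

    def transfer(self, token, new_owner):
        self.owner[token] = new_owner  # stored listings are not touched

    def cancel(self, listing_id):
        self.listings[listing_id - 1].cancelled = True  # the recommended step

    def is_fillable(self, l):
        # Back-end view: usable whenever its seller holds the token again.
        return not l.cancelled and self.owner.get(l.token) == l.seller

    def frontend_price(self, token):
        # Front-end view: only the newest fillable listing is displayed.
        live = [l for l in self.listings if l.token == token and self.is_fillable(l)]
        return live[-1].price_eth if live else None

def stale_listings(market, wallet):
    """Fillable listings of `wallet` priced below what the front end shows."""
    return [l for l in market.listings
            if l.seller == wallet and market.is_fillable(l)
            and l.price_eth < market.frontend_price(l.token)]

def demo():
    m = ToyMarket()
    m.transfer("nft-1", "owner")                  # constructed sample data
    old = m.list_for_sale("nft-1", "owner", 0.77)
    m.transfer("nft-1", "owner-2")                # transfer out ...
    m.transfer("nft-1", "owner")                  # ... and back
    m.list_for_sale("nft-1", "owner", 90.0)       # constructed new price
    before = [l.listing_id for l in stale_listings(m, "owner")]
    m.cancel(old.listing_id)
    after = [l.listing_id for l in stale_listings(m, "owner")]
    return m.frontend_price("nft-1"), before, after
```

`demo()` shows that the displayed price is the new one in both cases, while the old listing stays usable until it is explicitly cancelled; an owner's audit is the `stale_listings` check run against their own wallet.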
A curious case of user and platform error
High gas fees, or the desire to avoid them, lie at the heart of this incident. It’s a situation that neither the platform nor the users could have envisaged. OpenSea clearly laid out its procedures, but users chose not to follow them. OpenSea could not have envisioned a situation where providing users with access to its blockchain API would lead to losses.
For the users’ part, they could not have expected the front end display to differ from the back end storage. The average user does not have access to the back end, nor the ability to decipher complex APIs. Overall, it is a situation that perfectly illustrates the effects of “unknown unknowns”.
In light of such incidents, the utility of platforms like Insured Finance is more evident than ever before. By providing full insurance cover to digital assets, irrespective of the nature of the asset or platform, Insured Finance lets investors rest assured they’re protected. Unexpected incidents such as these will not impact them adversely.
About Insured Finance
Insured Finance is a decentralized, peer-to-peer insurance marketplace. Users can request customized insurance on a wide variety of digital assets, thereby ensuring full protection. Those fulfilling requests can earn premiums and earn a competitive return on their capital. Claims are fully collateralized and settled instantly.