One Simple Function Could Ruin Biggest NFT Collection in World: Details
According to data from the minting smart contract of the world's biggest NFT collection, Bored Ape Yacht Club, the owner of the wallet tied to the contract is currently able to mint an infinite quantity of NFT pieces.
The "vulnerability"
As its name suggests, the "reserveApes" function in the contract should "Set some Bored Apes aside," but in fact it allows minting 30 apes at a time without even paying network fees of 0.08 ETH. The main problem, however, is that the function allows infinite minting of the collection.
The code was most likely "left open" accidentally, and there should be another function that would prevent the "reserveApes" function from being repeated by the owner. As the on-chain data suggests, the account ending with "EE4D03" is still active and could mint more apes.
In addition to the function that could potentially ruin the floor price of the whole collection, the wallet has the authority to change the metadata tied to each existing non-fungible token within the collection.
this can be fixed by 0xaBA7161A7fb69c88e16ED9f455CE62B791EE4D03 calling the function to renounce ownership, suggest the BAYC community push whoever it is to do so, quickly.
— suzuha (@dystopiabreaker) February 3, 2022
But while the exploit still exists in the code, it is still possible to avoid an unpleasant situation by calling the function to renounce ownership.
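As an added illustration (not the deployed Bored Ape Yacht Club source), this Solidity sketch puts the pattern described above, an owner-only reserve function with no repeat or supply check, next to a hardened variant and the ownership renouncement suggested in the tweet. The contract name, `reserveUnbounded`, `reserveOnce`, the `reserveUsed` latch and the `MAX_SUPPLY` value are assumptions made for the sketch.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration, not the deployed BAYC source. Token bookkeeping is
// reduced to a counter and an owner map so the file compiles on its own.
contract ReserveSketch {
    uint256 public constant RESERVE_BATCH = 30;  // batch size from the article
    uint256 public constant MAX_SUPPLY = 10000;  // assumed cap for this sketch

    address public owner;
    uint256 public totalSupply;
    bool public reserveUsed;                     // hypothetical one-shot latch
    mapping(uint256 => address) public ownerOf;

    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }

    constructor() { owner = msg.sender; }

    // Pattern the article describes: gated only by ownership, so the owner
    // can call it any number of times and supply grows by 30 on each call.
    function reserveUnbounded() external onlyOwner {
        _mintBatch(msg.sender);
    }

    // Hardened variant: callable once, and never past the supply cap.
    function reserveOnce() external onlyOwner {
        require(!reserveUsed, "reserve already taken");
        require(totalSupply + RESERVE_BATCH <= MAX_SUPPLY, "exceeds max supply");
        reserveUsed = true;
        _mintBatch(msg.sender);
    }

    // Mitigation quoted in the article: once owner is the zero address,
    // every onlyOwner function reverts for all callers from then on.
    function renounceOwnership() external onlyOwner {
        owner = address(0);
    }

    function _mintBatch(address to) private {
        uint256 supply = totalSupply;
        for (uint256 i = 0; i < RESERVE_BATCH; i++) {
            ownerOf[supply + i] = to;
        }
        totalSupply = supply + RESERVE_BATCH;
    }
}
```

When auditing a real collection, check every owner-gated function (mint, metadata or base URI setters) for this missing bound, since renouncing ownership disables all of them at once.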
NFT industry going through a tough period
Previously, numerous NFT-related exploits took place in the space. The biggest NFT marketplace, OpenSea, faced a technical problem with its API that allowed a user to buy non-fungibles for cheaper prices and then sell them for the market price.
Later on, hackers managed to steal eight NFT pieces from the marketplace by once again exploiting the vulnerability. The stolen pieces were related to collections like Cool Cat and Bored Ape Yacht Club. The hacker's wallet was valued at $117,000.