Main navigation

Uniswap (UNI) Critical Vulnerability Disclosed, Funds Safe?

Wed, 01/04/2023 - 14:17
article image
Vladislav Sopov
Dedaub cybersecurity experts unveiled critical bug in Uniswap (UNI), largest noncustodial crypto exchange
Uniswap (UNI) Critical Vulnerability Disclosed, Funds Safe?
Cover image via
Read U.TODAY on
Google News

Dedaub, a blockchain-focused cybersecurity team, shared the design of a possible attack on the funds in Uniswap's Universal Router, a new-gen mechanism that allows users to move NFTs and cryptocurrencies together.

Uniswap's Universal Router can be drained

Uniswap (UNI) was exposed to a critical vulnerability after the activation of its Universal Router. The bug allowed a third party to inject the code and withdraw money during the process of routing.

The attack was possible as the router mechanism contains funds mid-transaction, and these funds can be withdrawn by an attacker. For instance, if account "A" transfers NFTs and then transfers funds to account "B," the latter is theoretically able to "reenter" the router and drain the funds.

The cybersecurity researchers advised the Uniswap (UNI) team to implement a reentrance lock to the core execution of the new router and then redeploy this mechanism.

Uniswap (UNI) activated its Universal Router on Dec. 17, 2022. It significantly streamlined the processes of token swaps and made them more resource efficient.

Uniswap fixes bug, pays bug bounty

Dedaub experts announced that the Uniswap (UNI) team implemented the security fix before the router gained traction among users of the decentralized exchange. The emergency update was activated across all blockchains Uniswap (UNI) leverages currently.

All funds of new and existing Uniswap (UNI) users are 100% safe at this time. Also, Uniswap (UNI) paid the bug bounty to the experts that unveiled the dangerous vulnerability.

As covered by U.Today previously, in 2022, Uniswap (UNI) registered a whopping $620 billion in trading volume on its swap engine despite the bearish recession.

Ethereum Decentralized Exchange Uniswap Records $620 Billion in Trading Volume This Year

The platform handled 68 million transactions on the Ethereum (ETH) network only.

article image
About the author

Blockchain Analyst & Writer with scientific background. 6+ years in IT-analytics, 3+ years in blockchain.

Worked in independent analysis as well as in start-ups (, Monoreto, Attic Lab etc.)