- The bug gave the culprits the ability to create huge sums of tokens on the smart contracts and deposit them in the normal wallets.
- The exchanges will have to perform audits on the ERC20 tokens as well as their smart contracts.
OKEx cryptocurrency exchange platform has announced the suspended ERC20 tokens have been cleared to resume deposits and withdrawals. The tokens were suspended following the discovery of a bug referred to as BatchOverFlow. The bug gave the culprits the ability to create huge sums of tokens on the smart contracts and deposit them in the normal wallets. The post on tweeter read:
“We have completed the security check of all ERC-20 smart contracts, and all tokens are safe from the “BatchOverFlow” bug. We will resume the deposits of ERC-20 tokens gradually.”
It is not clear the number of tokens that could be potentially vulnerable to this bug. The token confirmed to have been affected is Beauty Chain (BEC), however, it is suspected that many more tokens were affected. The faulty transactions on BEC have been reversed. The experts at the changely exchange service said in a comment:
“However, with the touted “code-is-law” principle in Ethereum blockchain, there is no traditional well-known security response mechanism in place to remedy these vulnerable contracts!”
Therefore, the exchanges will have to perform audits on the ERC20 tokens as well as their smart contracts. The damage the bug cause is unknown considering a scenario where such an occurrence is undiscovered. A tweet from the largest cryptocurrency exchange, Binance reads:
“We have audited over 100 ERC20 tokens listed on the world’s leading digital currency exchange, @binance, and validated that none are vulnerable to the recent #batchOverflow and #proxyOverflow vulnerabilities.”
Original URL : https://www.fxstreet.com/cryptocurrencies/news/okex-clears-erc20-tokens-the-batchoverflow-bug-led-to-the-cancellation-of-deposits-and-withdrawals-201805011515