DeFi lender backed by Jump Crypto users vulnerable to attack according to web3 researchers

|ByEkta Mourya

  • Web3 security researchers identified a unique feature that allows others to access users' authorized assets without permission. 
  • Researchers argue that an attack on the DeFi lender could affect the Total Value Locked and assets of users across all supported chains. 
  • Prime Protocol didn't deny the vulnerability but said it wouldn't allow a bad actor to seize funds. 

Dilation Effect, a web3 security research firm, issued a warning about Jump Crypto backed DeFi lender Prime Protocol. The protocol is a newly launched DeFi lender with upwards of $1.6 million in Total Value Locked (TVL). 

Also read: Three reasons why Litecoin whales could push LTC price to $100 before third halving

DeFi lending protocol at risk of suffering a security breach

Web3 security researchers at Dilation Effect issued a warning regarding Prime Protocol. The protocol is a newly launched cross-chain DeFi lending agreement with $1.6 million in TVL. The Jump Crypto backed protocol has a unique feature that allows others to complete deposit operations on behalf of the users. 

This implies once the user has authorized the contract, anyone else can access the authorized assets in the user's address and deposit them into lending pools without further permissions. While this has not resulted in a security breach yet, in the event that Prime Protocol gets hacked, an attacker can move all authorized user assets to a lending pool before draining it. 

No additional permissions are required from the user, which puts the protocol's TVL and all authorized user assets at risk. 

How users of the DeFi lending protocol can get affected

Prime Protocol is deployed across chains and currently supports Ethereum, Arbitrum, Avalanche, and Moonbeam. If users have authorized assets on multiple chains, their holdings on these chains will be vulnerable to security breach. 

Web3 researchers have recommended that the project fix the concerns and make improvements to secure user assets. 

Prime Protocol's response and the road ahead for users

Prime Protocol responded to Dilation Effect's critique and addressed the specific functionality in their contracts. The protocol explained that the team is promptly taking action to address the concerns and will provide a comprehensive explanation of the solution once it is complete.

In their response, the team reiterated that the security of user funds is their top priority and the concerns surrounding the security breach will be addressed in their next steps. 

Information on these pages contains forward-looking statements that involve risks and uncertainties. Markets and instruments profiled on this page are for informational purposes only and should not in any way come across as a recommendation to buy or sell in these assets. You should do your own thorough research before making any investment decisions. FXStreet does not in any way guarantee that this information is free from mistakes, errors, or material misstatements. It also does not guarantee that this information is of a timely nature. Investing in Open Markets involves a great deal of risk, including the loss of all or a portion of your investment, as well as emotional distress. All risks, losses and costs associated with investing, including total loss of principal, are your responsibility. The views and opinions expressed in this article are those of the authors and do not necessarily reflect the official policy or position of FXStreet nor its advertisers.

RELATED CONTENT

Loading ...

Copyright © 2024 FOREXSTREET S.L., All rights reserved.