What the Mobius Meltdown Reveals About Smart Contract Complacency
A Line of Bad Math.
9 quadrillion tokens.
$2 million gone, in under 72 hours.
Mobius has nothing to celebrate. It was wrecked by a copy-paste error in an unaudited smart contract, and in Web3 that is no surprise.
But this was not just a bug. It was a broadcast:
Web3 ships financial software like weekend code sprints.
⚠️ TL;DR: The Mobius Hack in 10 Seconds
- Exploit: A bug in .deposit() allowed unauthorized minting
- Token: $MBU, launched on BNB Chain
- Tokens Minted: 9,731,099,570,720,980,659,843,835,099,042,677
- Funds Drained: $2.16M USDT
- Exit Route: Tornado Cash
- Audits: None. Zero.
No circuit breakers. No fallback logic. No accountability.
What Happened
Mobius launched its $MBU token on BNB Chain with little fanfare.
Buried inside the .deposit() function was a small flaw: a multiplier bug that let anyone mint millions of tokens for 0.001 BNB.
Next: one attacker saw it, minted 9+ quadrillion tokens, and sold just enough to cash out $2.16M in stablecoins.
Malicious TX: 0x2a65254b41b42f39331a0bcc9f893518d6b106e80d9a476b8ca3816325f4a150
Attacker's Cash-Out Address: 0xb32a53af96f7735d47f4b76c525bd5eb02b42600
After the transaction, the attacker offloaded the $MBU tokens.
Over the rest of the day, the proceeds were moved several times, then quickly sent through Tornado Cash to obscure the trail.
No zero-day required.
Just a computer.
Code Is Capital, and We Treat It Like a Toy
In traditional finance, a $2M loss would mean:
- Public disclosure
- Cleanup
- Analysis
In Web3? It gets a tweet thread ... and a meme.
Sorry to say it, but:
Smart contracts are not just scripts. They are institutions.
And right now, we are shipping flimsy structures with wide-open permissions and zero oversight.
Every composable primitive becomes an attack surface. One unchecked assumption becomes a ticking bomb.
My Take: We Are Self-Sabotaging
I have architected token ecosystems, Telegram-native economies, and tokenized infra stacks. And here is what I have found:
Web3 is not being held to account. Web3 is walking past what matters.
We keep:
- Shipping unaudited code
- Skipping reviews
- Treating reviews as advertising
- Moving faster than our own systems
The Mobius hack is not an exception. It is the norm.
Unless you treat smart contract design like critical infrastructure, this will not stop.
Composability Cuts Both Ways
Composability is crypto's crown jewel. But it is also its glass jaw.
Every interconnected module becomes a risk vector. Every "lego block" with questionable logic can wreck the systems of others.
The Mobius bug did not just nuke its own token; it hit pooled liquidity, token swaps, and trust across the board.
It is systemic fragility dressed up as innovation.
The Next Cycle Will Not Be So Forgiving
In 2019, this would have been a single line. In 2021, maybe a passing story. In 2025?
It’s a credibility crisis.
Systems are converging.
Companies are converging.
Mainstream capital will not tolerate mathematical errors in banking protocols.
If your code can mint 9 quadrillion tokens from one input, it is not an MVP.
It’s an attack surface waiting to be exploited.
Final Thought: Smart Contracts Must Measure Up, or Be Disrupted
If we don’t treat code as capital, someone else will treat it as opportunity.
Unless we build with the rigor of financial software, with audits, input controls, upgrade paths and kill switches, we are not building the future of finance.
We are just giving hackers a head start.
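The .deposit() multiplier bug described earlier and the controls listed above (input controls, kill switches), shown together in an added Solidity sketch that is not from the original article or the Mobius code base. The contract, its names, the price and the cap values are assumptions, and the doubled 1e18 scaling is one illustrative form of a multiplier bug, not the confirmed Mobius flaw.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
// Added illustration. Hypothetical contract and values, not the Mobius source.
contract DepositMintSketch {
    uint256 private constant WAD = 1e18;                        // 18-decimal unit
    uint256 public constant MAX_SUPPLY = 1_000_000_000 * WAD;   // assumed hard cap
    uint256 public constant MAX_MINT_PER_TX = 1_000_000 * WAD;  // assumed per-call limit

    address public immutable guardian;  // only account allowed to pause
    bool public paused;                 // kill switch state
    uint256 public immutable priceWad;  // tokens per 1 BNB, ALREADY scaled by 1e18
    uint256 public totalSupply;
    mapping(address => uint256) public balanceOf;

    constructor(uint256 initialPriceWad) {
        guardian = msg.sender;
        priceWad = initialPriceWad;
    }

    // Kill switch: halts minting while an incident is investigated.
    function setPaused(bool value) external {
        require(msg.sender == guardian, "not guardian");
        paused = value;
    }

    // BROKEN, kept only for contrast: the result of the first line already has
    // 18 decimals, so the second scaling inflates it by 1e18. With priceWad =
    // 1000e18, 0.001 BNB (1e15 wei) quotes 1e36 units instead of 1e18. Checked
    // arithmetic does not revert here: 1e36 is far below 2**256.
    function quoteBroken(uint256 weiIn) external view returns (uint256) {
        uint256 tokens = weiIn * priceWad / WAD;
        return tokens * WAD;
    }

    // Correct scaling: multiply by the scaled price, divide the scale out once.
    function quote(uint256 weiIn) public view returns (uint256) {
        return weiIn * priceWad / WAD;
    }

    function deposit() external payable {
        require(!paused, "minting paused");
        require(msg.value > 0, "zero deposit");
        uint256 minted = quote(msg.value);
        require(minted <= MAX_MINT_PER_TX, "per-tx mint limit");
        require(totalSupply + minted <= MAX_SUPPLY, "supply cap");
        totalSupply += minted;
        balanceOf[msg.sender] += minted;
    }
}
```

Even if the broken quote were wired into deposit(), the per-transaction limit and supply cap would revert the 1e36-unit mint, which is the point of bounding outputs rather than trusting the arithmetic.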
✍️ Author's Note
This post is an expanded and refined version of a piece I originally published on my Hashnode blog. The HackerNoon edition has been reworked to go deeper into the context, the consequences and the implications for the industry.
I write weekly essays at the intersection of smart contract security, AI x infrastructure, and tokenized systems of value.
Let's Stay Connected - Signal Over Noise
👉 I share lessons, frameworks, and frontier stress tests:
HackerNoon: umbhali.com/@ronnie_huss
LinkedIn: linkedin.com/in / imikhiqizo
Twitter / X: Twitter.com / i-ronniehuss