Trusted

This Vulnerability Could Put Prime Protocol Users’ Funds at Risk

2 mins
Updated by Geraint Price
Join our Trading Community on Telegram

In Brief

  • Security firm Dilation Effect has reported a vulnerability in Prime Protocol.
  • The vulnerability could put users' funds at risk.
  • Prime Protocol is yet to comment on the matter.
  • promo

Updated 16:00UTC, 23 May: A spokesman for Prime Protocol issued the following statement on Twitter:

We’re aware of some recent communication regarding a specific functionality in our contracts. We want to be clear – this is NOT a vulnerability that would allow a bad actor to seize others’ funds from the protocol at any point.

“We are promptly taking action to address the concerns, and we will provide a comprehensive explanation of the solution once it is complete.”

A security firm has reported a feature (or a bug) in cross-chain brokerage Prime Protocol that could jack up TVL and put users’ funds at risk.

While decentralized finance (DeFi) is often the victim of various hacks and thefts, open-source code also helps discover certain vulnerabilities.

A Vulnerability in Prime Protocol?

According to a security firm, Dilation Effect, a feature in Prime Protocol could put users’ funds at risk. The security firm claims that after users complete an approval operation, anyone can deposit their approved crypto into the protocol’s loan pools.

A screenshot from Twitter showing the vulnerability in Prime Protocol
Source: Twitter

While it is not a critical bug, it might get misused to jack up the total value locked (TVL) of the DeFi protocol. According to DefiLlama, the TVL of Prime Protocol stands at $1.3 million.

If there is an attack on the platform, apart from TVL, the additional users’ funds are also at risk. This is because the hackers can deposit the approved crypto into the loan pool and steal away the additional funds.

According to the official website, security firms Veridise and Ackee Blockchain have audited Prime Protocol’s security.

Got something to say about this article or anything else? Write to us or join the discussion on our Telegram channel. You can also catch us on TikTok, Facebook, or Twitter.

For BeInCrypto’s latest Bitcoin (BTC) analysis, click here.

Top crypto projects in the US | October 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
3Commas 3Commas Explore
Uphold Uphold Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | October 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
3Commas 3Commas Explore
Uphold Uphold Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | October 2024

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

Harsh.png
Harsh Notariya
Harsh Notariya is an Editorial Standards Lead at BeInCrypto, who also writes about various topics, including decentralized physical infrastructure networks (DePIN), tokenization, crypto airdrops, decentralized finance (DeFi), meme coins, and altcoins. Before joining BeInCrypto, he was a community consultant at Totality Corp, specializing in the metaverse and non-fungible tokens (NFTs). Additionally, Harsh was a blockchain content writer and researcher at Financial Funda, where he created...
READ FULL BIO
Sponsored
Sponsored