PANews
PANews|Mar 12, 2026 08:10
[BlockSec: DBXen Contract Attacked, Approximately $150,000 Lost] According to monitoring by BlockSec Phalcon, the DBXen contract was attacked this morning, with an estimated loss of approximately $150,000. The root cause lies in the inconsistency of the sender's identity under the ERC2771 meta-transaction. In the `burnBatch()` function, the `gasWrapper()` modifier uses `_msgSender()` (the actual user) to update the state, while the callback function `onTokenBurned()` uses `msg.sender` (the forwarder). This causes `accCycleBatchesBurned` to be recorded for the user, but `lastActiveCycle` is incorrectly updated for the forwarder. This inconsistency disrupts the logic of `claimFees()` and `claimRewards()`. When `updateStats()` is run for the user, the contract mistakenly assumes there are unprocessed burned batches because `accCycleBatchesBurned` has been updated while `lastActiveCycle` has not, leading to incorrect reward and fee calculations, allowing the attacker to extract excess funds for profit.
+5
Mentioned
Share To

Timeline

HotFlash

APP

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads