
PeckShield Inc.|Jul 11, 2025 00:02
The post-mortem analysis of GMX V1 Exploit on Arbitrum is out and we want to share our thoughts:
1) The entry point of the attack was at https://github.com/gmx-io/gmx-contracts/blob/master/contracts/core/OrderBook.sol##L874, not #L764.
2) While the reentrancy is being utilized, the exploited bug shares the same nature of an earlier (2022) 1 million bug bounty paid by @GMX_IO to @ColliderVC (URL: https://www.collider.vc/post/gmx-granted-million-dollar-bug-bounty-to-collider-the-bug-aftermath), i.e., the non-atomic update of two closely related states, i.e., global short size and average global short price.
Another question remains: was this bug introduced in the patch to fix the 1M bug bounty in 2022?
Share To
Timeline
HotFlash
APP
X
Telegram
CopyLink