Crypto exchange Poloniex has suspended all ERC-20 token deposits and withdrawals, and HitBTC has initiated an internal inspection that takes deposits and transfers offline, following OKEX's decision to halt ERC20 deposits earlier today after the discovery of a potential new smart contract bug called batchOverFlow.
We've temporarily suspended ERC-20 token deposits and withdrawals while we review all smart contracts for exposure to the reported batchOverflow bug.
Poloniex Exchange April 25, 2018 Due to a potential issue detected in ERC20 smart contracts, we initiated an internal inspection.
HitBTC April 25, 2018 Other exchanges that chose to halt ERC-20 token trading because of the newly discovered vulnerability include Changelly, QUOINE and a number of others.
On April 23, Medium user ranimes posted a blog entitled, "New batchOverflow Bug in Multiple ERC20 Smart Contracts," detailing how a "a previously unknown vulnerability in the contract" that could allows "An attacker to possess a huge amount of tokens by exploiting these vulnerable contracts," thus allowing for price manipulation.
The blog post notes that, due to the "Code-is-law" principle that is used on the Ethereum Blockchain, "There is no traditional well-known security response mechanism in place to remedy these vulnerable contracts."
The author of the blog writes that teams that work with contract with this vulnerability have been contacted, but "Other exchanges also need to be coordinated and there still exist other tradable tokens vulnerable to batchOverflow."
The blog mentions that another problem could arise with non-centralized exchanges that use offline trading services, "As they cannot even stop attackers from laundering their tokens."
Medium user John Huxtable commented on the blog post that he thinks "It's worth noting that batchTransfer isn't a standard ERC20 function so only the contract owners which chose to implement it could be effected."
The current problem with some ERC20 tokens comes just after MyEtherWallet reported yesterday that around $150 mln ETH was stolen in an unrelated DNS hack.
Multiple Exchanges Suspend ERC20 Token Trading Due To Potential BatchOverflow Bug
Published on Apr 25, 2018
by Cointele | Published on Coinage
Coinage
Recent News
View All
First Mover: What's Next for Bitcoin as Wall Street Gets Vaccine Booster
Bitcoin was higher for a second day, staying in a range of between roughly $15,200 and $15,600, as news of progress in developing a coronavirus vaccine appeared to touch off a rally in U.S. stocks.
Market Wrap: Bitcoin Fails to Break $15.9K; Over 50K ETH Staked on Eth 2.0 Contract
Bitcoin gained Wednesday while Ethereum 2.0 staking has been ramping up.
Citibank Analyst Says Bitcoin Could Pass $300K by December 2021
A senior analyst at U.S.-based financial giant Citibank has penned a report drawing on similarities between the 1970s gold market and bitcoin.
Blockchain Bites: Data Unions. Hard Forks. And One Citi Analyst's Case for $300K BTC.
A Citibank managing director thinks bitcoin could hit $318,000.