The blockchain security resource PeckShield was the first to inform about the exploit against SushiSwap’s approval contract.
According to the firm, all 1,800 ETH (worth about $3.3 million) were drained from a single user – @0xsifu.
- The “RouterProcessor2” contract in question is used to execute trade routing on the popular decentralized exchange.
It seems the @SushiSwap RouterProcessor2 contact has an approve-related bug, which leads to the loss of >$3.3M loss (about 1800 eth) from @0xSifu.
If you have approved https://t.co/E1YvC6VZsP, please *REVOKE* ASAP!
One example hack tx: https://t.co/ldg0ww3hAN pic.twitter.com/OauLbIgE0Q
— PeckShield Inc. (@peckshield) April 9, 2023
- Jared Grey, SushiSwap’s head developer, also weighed in on the matter, outlining the “approval bug” and advising users to revoke the approval as soon as possible.
- Additionally, Grey tried to caution the community by noting that the team behind the DEX is working on finding a proper solution.
Sushi’s RouteProcessor2 contract has an approval bug; please revoke approval ASAP. We’re working with security teams to mitigate the issue. https://t.co/WhXJfa5xD4
— Jared Grey (@jaredgrey) April 9, 2023
Binance Free $100 (Exclusive): Use this link to register and receive $100 free and 10% off fees on Binance Futures first month (terms).
PrimeXBT Special Offer: Use this link to register & enter CRYPTOPOTATO50 code to receive up to $7,000 on your deposits.
Source: https://cryptopotato.com/3-3m-in-eth-drained-from-sushiswap-approval-contract/