In light of growing criticism and complaints from the crypto community, one of the largest NFT marketplaces, OpenSea, has refunded around $1.8 million to users who were affected by the recent attack on its platform.
On January 24, 2022, some OpenSea users saw their valuable NFTs sold at rock-bottom prices by hackers who took advantage of a glitch in OpenSea’s listing process to buy those NFTs at nearly 98% off and then resell them for much more. .
OpenSea’s “mistake”
According to a report from blockchain analytics firm Elliptic, the OpenSea exploit was the result of a flaw in the way the platform handles asset listings on its platform.
OpenSea is built on the Ethereum blockchain, which is known for its outrageous gas fees. Therefore, to reduce the amount spent on transactions, the NFT marketplace handles most of its functions off-chain until those transactions need to be sent to the blockchain for settlement.
To list an asset, NFT providers on the platform will need to sign off-chain data confirming the amount they wish to sell their NFTs. However, the problem arises when sellers decide to send a message to the blockchain to cancel the initial listing.
To avoid paying gas fees, providers simply transfer the NFT to another wallet, which invalidates the initial offer as the NFT is no longer on OpenSea.
Things get more complicated when providers transfer the assets to their OpenSea wallets, perhaps when the value of NFTs has increased significantly over time. This is because the initial listing was not wiped from the blockchain and anyone could buy the NFT at the initial price, which is exactly what the perpetrators did.
They allegedly discovered this design flaw in the OpenSea system and executed their attack using a bot to scan the network for NFTs with low-floor pending orders and buy them.
Elliptic revealed that it identified at least five attackers who were involved in the exploit, including user jpegdegenlove, who earned at least 340 Ether worth more than $800,000 at current exploit prices.
OpenSea makes amends
Following the exploit, OpenSea launched a new listing manager on the platform, allowing users to effectively review both active and inactive listings and a one-click option to cancel inactive ones.
The NFT market has also reached out to affected users and reimbursed them. Speaking to Bloomberg, one of the victims of the attack, Robert Garcia, said that his Mutant Ape NFT sold for 4.7 Ether (about $11,300) on Sunday.
Garcia noted that he immediately emailed OpenSea after the unintentional sale and received a response from them on Thursday offering him a refund of 13.8 Ether worth more than $35,000 at current prices.
SPECIAL OFFER (Sponsored)
Binance Free $100 (Exclusive) – Use this link to sign up to receive $100 free and 10% off Binance Futures first month fees (terms).
PrimeXBT Special Offer: Use this link to register and enter the code POTATO50 to get 25% off trading fees.
This post OpenSea compensates affected users with more than 1.8 million dollars after the exploit
was published first on https://cryptopotato.com/opensea-compensates-affected-users-with-over-1-8-million-following-exploit/
