Rocket Pool project favicon

Rocket Pool

Multi-Chain
Last audited on 2023/11/30
No active critical issues

Last Issues (7)

Low
Medium
High
Critical
Total
Not fixed
----0
Fixed
52--7
Total52007

Reported rekts

Rocket Pool was reported as rekt on 2023/03/29
Click to show description
Quick Summary

On March 30, 2023, the RPL balance of the poap.eth wallet (0xf6B6F07862A02C85628B3A9688beae07fEA9C863) was drained due to a
phishing attack.




Details of the Exploit

The attacker used a phishing attack against the owner of the poap.eth wallet and gained a significant allowance in RPL tokens. Two
different exploiter addresses then executed the transferFrom() function, resulting in the theft of 21,474 and 64,423 tokens. The
RPL tokens were subsequently swapped to ETH and dispersed between a few different wallets.




Block Data Reference

Approve tx:

https://etherscan.io/tx/0xd36e7d75f9d5ff768d5ae53277f44ce5d130c6362cb06ca12d02023bd0373add




transferFrom tx:

https://etherscan.io/tx/0x13cd0edda83aa778b81f877e2be1e49c070b1fb93aeb777a0399a613abd0f632

https://etherscan.io/tx/0xc3a9d6e486fe39d370e8fceab28f6d4b98ff98b5b1be9228681260f01a69819b

Audits (3)

#NameAuditorDateChainsIssues
1Rocket Pool (Houston)Consensys2023/11/30
Off-Chain (Private)
No active critical issues
2Rocket Pool Atlas (v1.Consensys2022/12/31
Off-Chain (Private)
No active critical issues
3RocketpoolConsensys2021/03/31
Off-Chain (Private)
2 active critical issues