Status | Low | Medium | High | Critical | Total |
---|---|---|---|---|---|
Not fixed | 5 | 2 | - | - | 7 |
Fixed | 7 | 5 | 5 | - | 17 |
Total | 12 | 7 | 5 | 0 | 24 |

Quick Summary

Stars Arena, an Avalanche-based project, was exploited through a reentrancy attack, leading to a loss of 266,102 AVAX, worth 2,974,530 USD.

Details of the Exploit

Stars Arena is a social platform on the Avalanche chain. On October 7, 2023, the platform suffered a reentrancy attack. The attacker drained funds from the Stars Arena contract, amounting to 2,974,530 USD (266,102 AVAX). The attacker created a contract that distributed the stolen funds to many addresses, sending 1,000 AVAX to each.

During the call of the 0xe9ccf3a3 function, the attacker reentered and called the 0x5632b2e4 function, setting a block height. This height was then used as a parameter in the sellShares function, resulting in an abnormally large calculated amount of AVAX to send.

Block Data Reference

Attacker Address: https://cchain.explorer.avax.network/address/0xa2ebf3fcd757e9be1e58b643b6b5077d11b4ad7a

Malicious Transaction: https://cchain.explorer.avax.network/tx/0x4f37ffecdad598f53b8d5a2d9df98e3c00fbda4328585eb9947a412b5fe17ac5

Malicious Contract: https://cchain.explorer.avax.network/address/0x7f283edc5ec7163de234e6a97fdfb16ff2d2c7ac

Funds Distribution Transactions: https://snowtrace.io/tx/0x8f5b2e8869260d6854ce4c93f58dfcbf6e8fb18b96c3e76db1eeb6dce0ef9fb1

Some of the Stolen Funds Holders:
https://cchain.explorer.avax.network/address/0x9b5ec83e5b9f124056596b7e9cbc08db622d418d
https://cchain.explorer.avax.network/address/0xded436c23e42312f866675b4980d0b1633c56b3e

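
The reentrancy described under Details of the Exploit is cross-function: the call that hands over control and the setter that is re-entered are different functions, so the lock has to be shared by both. The Python model below is an added illustration, not code from Stars Arena or from the audit; `SharesModel`, its methods, the pricing formula and the sample value are all hypothetical.

```python
# Toy model of cross-function reentrancy. Every name here is hypothetical and
# the pricing formula is constructed; this is not the Stars Arena contract.

class Reentrancy(Exception):
    """Raised when a guarded entry point is entered while another is running."""

class SharesModel:
    def __init__(self, guarded):
        self.guarded = guarded
        self._entered = False   # one lock shared by every state-changing entry point
        self.param = 1          # stands in for the stored value later used in pricing

    def _enter(self):
        if self.guarded and self._entered:
            raise Reentrancy("nested call rejected")
        self._entered = True

    def _exit(self):
        self._entered = False

    def pay_out(self, recipient_callback):
        """Entry point that hands control to code chosen by the recipient."""
        self._enter()
        try:
            recipient_callback(self)    # external call: foreign code runs here
        finally:
            self._exit()

    def set_param(self, value):
        """Setter that must not run while pay_out is still in progress."""
        self._enter()
        try:
            self.param = value
        finally:
            self._exit()

    def sell_price(self, amount, base_price=10):
        """Pricing that trusts the stored parameter."""
        return amount * base_price * self.param

def run(guarded, injected=91_000):
    """Return (nested_call_blocked, price of one share afterwards)."""
    model = SharesModel(guarded)
    blocked = False
    try:
        model.pay_out(lambda m: m.set_param(injected))
    except Reentrancy:
        blocked = True
    return blocked, model.sell_price(amount=1)
```

`run(False)` returns `(False, 910000)`: the nested setter call succeeds and the later price is inflated. `run(True)` returns `(True, 10)`: the shared lock rejects the nested call and the price is unchanged.
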
# | Name | Auditor | Date | Chains | Issues |
---|---|---|---|---|---|
1 | Audit Report | Paladin | 2023/10/13 | Avalanche | No active critical issues |