Featured crypto, SafeMoon is the subject of a major security alert. A potential flaw in the smart contract could cost a whopping $20 million.
The same coin SafeMoon had a thunderous start to the year after launching in March. Afterwards, the token’s value underwent a violent correction. Since April, and its ATH, its price has fallen by more than 60%.
A new revelation could undermine the cryptocurrency’s efforts to resume its rise. It is the security of the blockchain that is at issue here. A security vendor, HashEx, lists several serious flaws.
Experts have indeed conducted an in-depth analysis of the code of SafeMoon’s smart contract. The conclusions are not encouraging. In total, no less than 12 vulnerabilities have been detected.
Among them, five are classified as critical and very severe. One flaw in particular attracts attention. According to security researchers, SafeMoon is vulnerable to a “Temporary ownership renounce” attack.
Such an attack, if successful, could result in the theft of $20 million. This scenario stems from the ownership of the SafeMoon contract being held by an external account or EOA.
This account controls a very significant portion of the token’s liquidity. In case of compromise of this EOA by an internal or external attacker, this liquidity could potentially be diverted.
The developers of SafeMoon want to reassure however. They assure Cointelegraph that the ownership of the contract is secure. Aware of the threat, the team has put in place policies that prohibit any connection of the proprietary wallet to third-party decentralized applications.
But the potential vulnerabilities do not only concern this point. HashEx also points to functions of the smart contract related to the payment of rewards. Thus, an attacker could direct these rewards to a specific wallet.
Normally, each sale of SafeMoon tokens generates 10% commission. Half of this amount goes to existing token holders. However, a hacker could hijack the system by changing the fee settings and collect the entire amount.
These findings of the security audit are known, SafeMoon again assures. The flaws were already identified by the official auditor of the blockchain, Certik. Their correction will however require a hard fork.