According to a code audit by SafeMoon, a DeFi project, 12 vulnerabilities put millions of investors at risk. The alert is for everyone to leave the project as quickly as possible until the problems are resolved.
DeFi projects are relatively new to the cryptocurrency ecosystem, particularly those utilizing the Binance Smart Chain network. With more than 2 million holders, SafeMoon has become one of BSC's biggest projects, ranking 50th in market value.
However, it is important for DeFi projects to be audited, giving investor’s confidence in the technology used in the protocol. In the case of SafeMoon, auditors were not confident.
SafeMoon Code Has Critical Vulnerability, HashEx Auditors Warn
It is increasingly common for DeFi projects to be hacked or even fraudulently shut down by their creators. Thus, one of the requirements of investors, who seek solidity in a code of this type, is the contracting of audits.
In the case of SafeMoon, HashEx ended up performing an audit on the code, revealing the results this Tuesday (25). For those who invest in the project, the news is not encouraging.
"$SAFEMOON has grown over 15,000% since its launch, its market cap has surpassed $6 billion and liquidity in dex swaps is currently over $200,000,000. HashEx has discovered what exactly 2 million investors are putting into risk."
According to the auditors, 12 vulnerabilities were discovered in SafeMoon's code, 2 critical and 3 high risk. Of those, 4 attacks could be performed in combination, causing even more damage to SAFEMOON holders.
The worst vulnerabilities were explained by the auditors, with emphasis on a possibility of rug pull (pulling the rug), temporarily blocking token transfers, making smart contract permanently inoperative, excluding holders from commission distributions and defining commissions for SafeMoon transfer by up to 100%.
SafeMoon team commented that they cannot update the code without a hard fork
HashEx auditors, before publishing the results of their audit, reached out to SafeMoon's developers to tell them about the code findings. However, DeFi cryptocurrency CTO Thomas Smith commented that it is not possible to change the code without a hard fork, something that is not being planned right now.
It's not good to trust people, only code
A common motto in the cryptocurrency market is never to trust, but to investigate. Thus, the HashEx auditors were not happy with the SafeMoon developers, who, despite receiving information about serious vulnerabilities, were not willing to correct them.
HashEx's SafeMoon report was posted on the auditors' GitHub and can be read by any investor interested in understanding more about possible attacks on the DeFi code.
BSC Smart Contract Audit is a procedure that involves a meticulous examination of the Solidity code created by developers for use in Smart Contracts. By fixing any flaws or mistakes that might expose users or create possible issues in the future, an audit safeguards the code.
Get your smart contract audit report and consultation services from the top blockchain professionals at Cyphershield.