Critical Lottery Bug Found in PancakeSwap, PantherSwap, ApeSwap, and Knights BSC

Pancakeswap has named and congratulated the whitehat who found the coding error and helped multiple projects. The savior was awarded a large sum of money for their efforts.

A Bug in the Lottery 

A whitehat by the name of Juno successfully alerted PancakeSwap of a serious error in their lottery coding. A whitehat in the crypto world typically refers to a virtuous and ethical hacker who finds exploits in projects and then alerts the projects of the exploitation. News broke of the successful exploit patch up on July 3rd via a Tweet from Immunefi, a crypto platform that offers bounty rewards for finding and alerting projects of errors in their coding. cdn.embedly.com/widgets/media.html?type=text%2Fhtml&key=96f1f04c5f4143bcb0f2e68c87d65feb&schema=twitter&url=https%3A//twitter.com/immunefi/status/1411386142360936448&image=https%3A//abs.twimg.com/errors/logo46x38.png

‍

Depending on how serious an error they find, the project usually will pay large sums of money. In this case, Juno was paid a well-deserved $70,000 from PancakeSwap for alerting them of the error shown above. If a malicious hacker had found the bug, they could have easily exploited $700,000 from PancakeSwap’s lottery feature. 

‍

The Error Itself

The bug uncovered was reported to PancakeSwap on April 27th. According to Immunefi’s post-mortem Medium post, it had to do with a logic error in the protocol’s lottery. The post states that a hacker could have claimed a winning ticket up to 255 times, thus multiplying the earnings of a regular lottery winning ticket by 255. 

The issue resulted from a lack of validation for ensuring the user claimed a single ticket, which meant, in theory, a malefactor could claim the same ticket infinitely. The only limitation was PancakeSwap’s block size, which would have limited a hacker to claim the same ticket 255 times. 

Shown below is the coding from PancakeSwap’s old bugged lottery contract: 

PancakeSwap shut down their lottery feature prior to the bug being reported. However, they left $700,000 of outstanding winning lottery tickets to be claimed. Once Juno reported the bug, PancakeSwap withdrew all the funds preventing a malicious hacker from exploiting the logic.

E Pluribus Unum

Yet that’s not all. PantherSwap, ApeSwap, and Knights BSC had all forked their lottery feature from PancakeSwap, which meant all their protocols were also at risk. Once the bug was fixed, ApeSwap, PantherSwap, and Knights BSC all sent the whitehat money and tokens for alerting them of the error.cdn.embedly.com/widgets/media.html?type=text%2Fhtml&key=96f1f04c5f4143bcb0f2e68c87d65feb&schema=twitter&url=https%3A//twitter.com/chimpinchip/status/1412115826774208513&image=https%3A//abs.twimg.com/errors/logo46x38.png

‍

Since the error in coding was made known, all projects named above have fixed the exploitation. Immunefi thanked all parties involved for their quick response. All other curious whitehats are encouraged to bring their findings forward and receive awards. The world of Decentralized Finance will only get better as more groups and individuals work together toward a common goal. 

What is PancakeSwap

PancakeSwap is the leading decentralized exchange on Binance Smart Chain, with the highest trading volumes in the market. PancakeSwap runs on Binance Smart Chain, a blockchain with much lower transaction costs than Ethereum or Bitcoin. As a result, trading fees are lower than other top decentralized exchanges, and the protocol offers a secure place to farm yields thanks to their Syrup pools.

Source : bsc.news