Cellframe Network suffered a flash loan attack of $76,112 due to a liquidity migration vulnerability.
Cellframe Network Flash Loan Attack Incident Analysis
On June 1, 2023, at 10:07:55 (UTC+8), Cellframe Network was attacked on a certain smart chain because of a token quantity calculation issue in its liquidity migration process. The attacker profited approximately $76,112.
Root Cause of the Attack
The main cause of this attack was the way token quantities were calculated during the liquidity migration process.
Detailed Attack Process
The attacker first obtained 1,000 native tokens of a certain chain and 500,000 New Cell tokens through flash loans. They then exchanged all of the New Cell tokens for native tokens, which drove the number of native tokens in the liquidity pool close to zero. Finally, the attacker exchanged 900 native tokens for Old Cell tokens.
It is worth noting that before carrying out the attack, the attacker had added Old Cell and native token liquidity and received Old LP tokens in return.
Next, the attacker invoked the liquidity migration function. At this point, there were almost no native tokens in the new pool and almost no Old Cell tokens in the old pool. The migration process consists of the following steps:
Since there were basically no Old Cell tokens left in the old pool, removing liquidity returned more native tokens and fewer Old Cell tokens than it normally would. As a result, the user only needed to add a small amount of native tokens and New Cell tokens to obtain liquidity, while the excess native tokens and Old Cell tokens were returned to the user.
Security Recommendations
When migrating liquidity, fully consider how the quantities of the two tokens in the old and new pools have changed, as well as the current token prices. Quantities calculated directly from the trading pair can be easily manipulated.
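The effect described above can be reproduced with a small model. The following Python sketch is an added example, not Cellframe's contract code: it assumes a fee-free constant-product pool, uses constructed reserves, and the `Pool` class, `safe_to_migrate` guard and 2% tolerance are hypothetical names and values chosen for illustration. It shows how a large swap skews what removing liquidity returns, and how a migration routine can refuse to run when the pair's price has moved away from a trusted reference price.

```python
from fractions import Fraction

class Pool:
    """Fee-free constant-product pool (native * token = k). Illustrative model only."""

    def __init__(self, native, token, lp_supply):
        self.native = Fraction(native)
        self.token = Fraction(token)
        self.lp_supply = Fraction(lp_supply)

    def swap_native_in(self, amount):
        """Sell `amount` native tokens into the pool; returns paired tokens paid out."""
        k = self.native * self.token
        self.native += amount
        out = self.token - k / self.native
        self.token -= out
        return out

    def quote_remove(self, lp):
        """(native, token) a holder of `lp` LP tokens would receive right now."""
        share = Fraction(lp) / self.lp_supply
        return self.native * share, self.token * share

    def spot_price(self):
        """Native tokens per paired token, read directly from current reserves."""
        return self.native / self.token


def safe_to_migrate(pool, reference_price, max_deviation=Fraction(2, 100)):
    """Reject migration if the spot price strays from a trusted reference price."""
    deviation = abs(pool.spot_price() - reference_price) / Fraction(reference_price)
    return deviation <= max_deviation


def demo():
    # Constructed reserves; the 900-token swap mirrors the write-up's sequence.
    old_pool = Pool(native=100, token=10_000, lp_supply=1_000)
    reference = old_pool.spot_price()        # stands in for a TWAP/oracle price
    before = old_pool.quote_remove(10)       # (1, 100)
    old_pool.swap_native_in(900)             # drains the Old Cell side
    after = old_pool.quote_remove(10)        # (10, 10)
    return before, after, safe_to_migrate(old_pool, reference)


if __name__ == "__main__":
    print(demo())
```

The same LP share yields ten times more native tokens and ten times fewer Old Cell tokens after the swap, and the guard rejects the migration because the pair's price no longer matches the reference.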
Before the code goes live, it is essential to conduct a comprehensive security audit to prevent potential vulnerabilities and attack risks.
This incident once again emphasizes the importance of implementing strict security measures in DeFi projects, especially when it comes to complex operations such as liquidity migration. Project teams need to be more cautious and ensure that all possible attack vectors are fully considered and mitigated.