Breaking: SuperRare Staking Contract Hit by $730K Exploit—$RARE Token Unscathed
Main Idea
SuperRare's RareStakingV1 contract was exploited due to a permission check flaw, resulting in the theft of 11.9M RARE tokens worth approximately $730K, though the core $RARE token contract remained unaffected.
Key Points
1. The exploit was caused by a flawed permission check in the 'updateMerkleRoot' function, allowing unauthorized claims of RARE tokens.
2. Security firms Blockaid and MistEye identified the vulnerability, which enabled the attacker to modify the Merkle Root and drain funds.
3. The attacker's address, funded via TornadoCash, executed the exploit and currently holds the stolen $731K worth of RARE tokens.
4. The NFT market showed signs of resurgence with a $1B value increase and a 287% surge in trading volumes prior to the exploit.
5. Despite the exploit, the core functionalities of the $RARE token contract were not compromised.
Description
The NFT marketplace SuperRare’s RareStakingV1 contract was exploited, allowing attackers to drain 11.9M RARE tokens. Importantly, the vulnerability did not compromise the underlying $RARE token contract or its core functionalities. SuperRare’s exploited RareStakingV1 contract was part of the platform’s staking and curation initiative launched in August 2023. The Rare Protocol was introduced as a solution to a persistent problem in the NFT space: quality curation and creator discovery. Through it...
Latest News
- Coinbase in Advanced Talks to Acquire CoinDCX at Valuation Below $1B: Report2025-07-29 03:36:54
- Interactive Brokers Mulls Stablecoin Launch to Serve Users2025-07-29 03:36:19
- South Korea’s Biggest Parties Roll Out Stablecoin Bills, Clash on Interest Payment Plans2025-07-28 23:43:21
- Google’s Gemini AI Predicts the Price of XRP, Shiba Inu and Pepe by the End of 20252025-07-28 22:42:38
- China Industrial Bank Fast-Tracks AI-Driven Stablecoin Plan Amid Dollar Dominance Threat2025-07-28 22:01:58