CRYPTO

NBA Pauses Minting of The Association NFT Collections After Spotting Serious Vunerability

Share The Knowledge

The National Basketball Association (NBA) revealed pausing minting of its new non-fungible token collection, dubbed – The Association – after a major loophole was detected by BlockSec. Less than a day after the league announced the minting of its Ethereum-based non-fungible token (NFT), it recognized the issues with the smart contract that triggered the “Allow List” supply to sell out prematurely.

The Flaw

Blockchain security firm, BlockSec revealed identifying a serious vulnerability that could have allowed a malicious entity to mint a large number of NFTs, without paying any tokens. According to the official blog post, the company said the main reason behind the flaw is the incorrect use of signature verification.

This essentially means that the contract fails to ensure that the signature can only be used by the user (and only the user) once. The vulnerability also allowed the attacker to reuse a privileged user’s signature and mint tokens to themselves.

The company stated,

“We are surprised that how such a vulnerability can exist in a popular NFT project. The whole community needs to pay more attention to the security of the contract.”

The attacker reportedly managed to mint 100 NFTs and sell them on the OpenSea marketplace. The latest development depicts, once again, the necessity of evaluating the security of a smart contract.


ADVERTISEMENT

A Twitter user said,

“What’s even more hilarious about this NBA Associated NFT is it’s called V2 on OpenSea. Which means they created a contract, found an error and then released V2 with still the most basic exploit possible in it. Whoever at the NBA choose this partnership needs to be fired.”

The NFT Collection

The NBA had first unveiled the launch of its Web 3 project – “The Association” – which involves 18,000 non-fungible tokens representing all 240 assigned NBA players in this year’s playoffs. Furthermore, 75 NFTs are allocated randomly using Chainlink VRF to each player from the 16 participating teams.

Leveraging Chainlink oracles will allow each player’s NFT appearance to alter automatically. The dynamic NFTs will change in appearance based on the performance of the players. In short, more accomplishments during the 2022 NBA playoffs mean players will see more visual changes in their digital collectibles, throughout the course of the postseason tournament.

SPECIAL OFFER (Sponsored)

Binance Free $100 (Exclusive): Use this link to register and receive $100 free and 10% off fees on Binance Futures first month (terms).

PrimeXBT Special Offer: Use this link to register & enter POTATO50 code to receive up to $7,000 on your deposits.

You Might Also Like:


source

Tagged with:

Similar Posts