CTO of OpenSea breaks it down.
Phishing attack + exploit of faulty code
OpenSea not off the hook here.
https://twitter.com/Nesotual/s...
Seen confusion about the OS thing so.
Attacker had people sign half of a valid wyvern order, the order was basically empty except the target (attacker contract) and calldata, attacker signs other half of order.
OpenSea的首席技术官将其分解。
网络钓鱼攻击+利用错误代码
OpenSea在这里没有脱身。
https://twitter.com/Nesotual/s...
看到了关于操作系统的困惑。
攻击者让人签署了一半有效的wyvern订单,订单基本上是空的,除了目标(攻击者合同)和calldata,攻击者签署了另一半订单。