Cryptocurrency infrastructure firm Fireblocks has identified and assisted in tackling what it describes as the first account abstraction vulnerability within the Ethereum ecosystem.
According to Fireblocks, the vulnerability would allow a potential attacker to carry out a full account takeover of UniPass wallet by manipulating Ethereum's account abstraction process.on ERC-4337, account abstraction allows for a shift in the way transactions and smart contracts are processed by the blockchain to provide flexibility and efficiency.Conventional Ethereum transactions involve two types of accounts, externally owned accounts and contract accounts.
As Fireblocks explains, when an ERC-4337-compliant account executes an action, it relies on the Entrypoint contract to make sure only signed transactions get executed. These accounts typically trust an audited single EntryPoint contract to ensure that it receives permission from the account before executing a command:
According to Fireblocks, the vulnerability allowed an attacker to gain control of UniPass wallets by replacing the trusted EntryPoint of the wallet. Once the account takeover was complete, an attacker would be able to access the wallet and drain its funds.
Coin Coin Latest News, Coin Coin Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Source: CoinDesk - 🏆 291. / 63 Read more »
Source: Utoday_en - 🏆 295. / 63 Read more »
Source: Utoday_en - 🏆 295. / 63 Read more »
Source: FXStreetNews - 🏆 14. / 72 Read more »
Source: FXStreetNews - 🏆 14. / 72 Read more »
Source: TheBlock__ - 🏆 464. / 53 Read more »