ExchangeDEX+

Buy Crypto Markets Spot FuturesGOLD Earn Event Center

PANews reported on July 9 that according to security agency GoPlus, many recent contract attack cases have used EIP-7702 features to bypass on-chain security check mechanisms, including msg.sender == tx.originPANews reported on July 9 that according to security agency GoPlus, many recent contract attack cases have used EIP-7702 features to bypass on-chain security check mechanisms, including msg.sender == tx.origin

GoPlus: Recently, EIP-7702 has triggered multiple contract attacks. It is recommended that the project party strengthen measures such as flash loan attack protection

Author: PANews

Source: PANews

2025/07/09 15:56

1 min read

PANews reported on July 9 that according to security agency GoPlus, many recent contract attack cases have used EIP-7702 features to bypass on-chain security check mechanisms, including msg.sender == tx.origin and msg.sender == _owner, resulting in flash loan attacks and price manipulation, with losses reaching nearly one million US dollars. Case analysis shows that attackers authorized attacks through malicious delegators, affecting well-known DeFi projects including QuickConverter @QuickswapDEX and multiple CSM funding pools.

The implementation of EIP-7702 enables EOA addresses to have smart contract capabilities, and traditional security logic becomes invalid. GoPlus recommends that project owners strengthen protection against flash loan attacks and reentry attacks, reconstruct EOA inspection and permission management logic, and continue to pay attention to the delegator authorization of administrator addresses to prevent potential risks.

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact service@support.mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.

Tags:

#DeFi #On-chain #DEX