Binance-listed ERC20 tokens have received a clean bill of health from smart contract security firm Quantstamp, which carried out an assessment to determine whether any of the exchange’s listed assets were vulnerable to the recently discovered batchOverflow and proxyOverflow weaknesses.
Quantstamp published its assessment report back in April, confirming that no ERC20 token already listed on Binance is vulnerable to the weaknesses, which enable attackers to essentially print tokens from nowhere.
“Quantstamp shares Binance’s safety-first philosophy in protecting their customers and supports the exchange’s ambitions to create the gold standard in security for the mass adoption of digital currencies,” said Richard Ma, CEO of Quantstamp. “In light of the recent vulnerabilities, we are proud to have assisted Binance in its mission to help protect their token holders and the wider Ethereum community.”
Researchers believe that the weaknesses will affect several tokens whose developers use a function, batchTransfer, that is not part of the ERC20 token standard.
Hackers are able to take advantage of the function through a particular integer overflow error, which means that they try to store more information in a variable than its data type can handle. Because the contracts had no means of stopping this from happening, the hackers are able to create tokens in excess of the token’s original supply.
However, some of these tokens were listed on high-profile cryptocurrency exchanges, which pushed trading platforms to halt deposits of them.
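The overflow described above, modelled in Python as an added example (it is not code from Quantstamp, Binance or any affected token). The shape of `batch_transfer`, the account names and the values are assumptions made for illustration; a 256-bit unsigned integer is modelled by masking the product to 256 bits.

```python
UINT256_MAX = 2**256 - 1


def mul_wrapping(a, b):
    """Unchecked 256-bit multiply: bits above 2**256 are silently dropped."""
    return (a * b) & UINT256_MAX


def mul_checked(a, b):
    """Checked multiply: refuse any product that does not fit in 256 bits."""
    product = a * b
    if product > UINT256_MAX:
        raise OverflowError("uint256 multiplication overflow")
    return product


class Token:
    """Minimal ledger model (hypothetical, for illustration only)."""

    def __init__(self, owner, supply):
        self.total_supply = supply
        self.balances = {owner: supply}

    def batch_transfer(self, sender, receivers, value, mul):
        # Total debit = number of receivers * value. With mul_wrapping this
        # can wrap to a small number and slip past the balance check below.
        total = mul(len(receivers), value)
        if value == 0 or self.balances.get(sender, 0) < total:
            raise ValueError("transfer rejected")
        self.balances[sender] -= total
        for receiver in receivers:
            self.balances[receiver] = self.balances.get(receiver, 0) + value

    def supply_invariant_holds(self):
        # Defender's check: balances must never sum to more than was issued.
        return sum(self.balances.values()) == self.total_supply


if __name__ == "__main__":
    huge = 2**255  # constructed value: 2 * huge wraps to 0 in 256 bits
    weak = Token("alice", 1000)
    weak.batch_transfer("alice", ["bob", "carol"], huge, mul_wrapping)
    print("unchecked: invariant holds?", weak.supply_invariant_holds())

    fixed = Token("alice", 1000)
    try:
        fixed.batch_transfer("alice", ["bob", "carol"], huge, mul_checked)
    except OverflowError as exc:
        print("checked: rejected,", exc)
    print("checked: invariant holds?", fixed.supply_invariant_holds())
```

The supply invariant doubles as a monitoring check: a ledger whose balances sum to more than the issued supply has minted tokens outside its intended rules.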
According to Quantstamp, it has reached out to all affected tokens and has offered to help with solving the problem.
“We won’t be making a profit from our effort to make the Ethereum ecosystem more secure,” the company said.