Super Sushi Samurai Token Loses 99% of Value After Security Breach
The Super Sushi Samurai (SSS) game recently experienced a devastating security breach that resulted in a significant drop in its token value. This breach allowed attackers to exploit a double-spending glitch within the game, leading to unauthorized withdrawals totaling $4.8 million from its liquidity pools. The vulnerability was found in the project’s smart contracts, enabling users to manipulate their token balances.
Double-Spending Glitch Causes $4.8 Million Loss
An issue with the token contract on the Blast network caused the liquidity pool for the SSS game to be depleted. This flaw led to users’ balances doubling when they transferred their entire balance to themselves. A Solidity and backend developer named “Coffee” discovered this flaw and explained that the order of operations decremented the balance for “from” and then set the balance for “to.” If these addresses were the same, the “toBalance” did not account for the decrement of the “amount” and simply overwrote the balance with the initial balance plus the transferred amount.
Coffee further stated that the attacker was able to exploit this glitch by repeatedly doubling their balance and then selling it all, resulting in a loss of 1310 ETH from the liquidity pool. As a result of this security breach, the trading price of SSS tokens plummeted by over 99.9% since the discovery of this glitch.
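The ordering flaw Coffee describes can be reproduced in a small Python model of a balance ledger, shown next to a corrected transfer and a supply-conservation check. This is an added illustration, not the SSS contract's code; the `Ledger` class, its method names and the sample balances are constructed for the example.

```python
class Ledger:
    """Toy balance ledger (constructed model, not the SSS contract)."""

    def __init__(self, balances):
        self.balances = dict(balances)

    def total_supply(self):
        return sum(self.balances.values())

    def transfer_buggy(self, sender, recipient, amount):
        # Both balances are cached before any write, per the description.
        from_balance = self.balances.get(sender, 0)
        to_balance = self.balances.get(recipient, 0)
        if amount > from_balance:
            raise ValueError("insufficient balance")
        self.balances[sender] = from_balance - amount
        # If sender == recipient, this overwrites the debit above with the
        # stale pre-debit balance plus amount, so the balance grows.
        self.balances[recipient] = to_balance + amount

    def transfer_fixed(self, sender, recipient, amount):
        from_balance = self.balances.get(sender, 0)
        if amount > from_balance:
            raise ValueError("insufficient balance")
        self.balances[sender] = from_balance - amount
        # Re-read the recipient after the debit: a self-transfer nets to zero.
        self.balances[recipient] = self.balances.get(recipient, 0) + amount


def conserves_supply(transfer_name, sender, recipient, amount):
    """Invariant check: a transfer must never change the total supply.

    Returns (invariant_held, sender_balance_after).
    """
    ledger = Ledger({"alice": 100, "pool": 1000})  # constructed sample state
    before = ledger.total_supply()
    getattr(ledger, transfer_name)(sender, recipient, amount)
    return ledger.total_supply() == before, ledger.balances[sender]


if __name__ == "__main__":
    # An ordinary transfer passes even with the bug; only sender == recipient fails.
    print(conserves_supply("transfer_buggy", "alice", "pool", 100))
    print(conserves_supply("transfer_buggy", "alice", "alice", 100))
    print(conserves_supply("transfer_fixed", "alice", "alice", 100))
```

The ordinary transfer conserves supply in both versions, which is why a test suite without a sender-equals-recipient case would not catch this class of bug.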
Claim of a “White Hat Rescue”
Interestingly, an on-chain message suggested that this exploit was initiated by a “white hat,” referring to an ethical hacker who exposes vulnerabilities in order to fix them. The message stated that it was a white hat rescue hack and called for reimbursing affected users. The SSS Team responded to this message, expressing their willingness to cooperate and work towards resolving the issue.
Conclusion
The Super Sushi Samurai token experienced a severe security breach due to a double-spending glitch within the game’s smart contracts. This breach resulted in unauthorized withdrawals amounting to $4.8 million from its liquidity pools and caused a significant drop in the token’s value. However, there is hope for recovery as an on-chain message suggested that a white hat hacker initiated the exploit and called for reimbursing affected users. The SSS Team has acknowledged this message and expressed their willingness to collaborate. It remains to be seen how this situation will unfold and if the affected users will be fully compensated.