BTC
ETH
HTX
SOL
BNB
View Market
简中
繁中
English
日本語
한국어
ภาษาไทย
Tiếng Việt

Lumi Finance was attacked yesterday, with losses of approximately $270,000

2026-07-14 08:34
Odaily News, according to GoPlus monitoring, Lumi Finance on Arbitrum was attacked on July 13, with losses of approximately $270,000. The vulnerability originated from a logic flaw in the validateUserOp function of the Sodium smart account contract ERC-4337 when calling _validateSignature for signature verification. During the execution of isValidSignatureNow, the signer parameter was passed as the attacker's address. After the call to ECDSA.tryRecover failed, it did not revert, but instead called the isValidSignature function in the attacker's contract, which passed the verification.