BTC
ETH
HTX
SOL
BNB
시장 동향 보기
简中
繁中
English
日本語
한국어
ภาษาไทย
Tiếng Việt

Lumi Finance was attacked yesterday, losing approximately $270,000

2026-07-14 08:34
Odaily Planet Daily News: According to GoPlus monitoring, Lumi Finance on Arbitrum was attacked on July 13, losing approximately $270,000. The vulnerability originated from a logic flaw in the `validateUserOp` function of the Sodium smart account contract (ERC-4337) when calling `_validateSignature` for signature verification. During the execution of `isValidSignatureNow`, the `signer` parameter was passed as the attacker's address. After the call to `ECDSA.tryRecover` failed, the transaction did not revert. Instead, it proceeded to call the `isValidSignature` function in the attacker's contract, which passed the verification.