Fireblocks Discloses UniPass Vulnerability
Attackers could have exploited the vulnerability by modifying the trusted EntryPoint in hundreds of UniPass wallets.
Quick Take
- Fireblocks discloses a UniPass wallet vulnerability.
- Arbitrum Orbit is mainnet ready.
- Polygon activates the Inca Berry upgrade.
- MetaMask expands supported networks on its bridge app.
Listen on: Apple | Castbox | Spotify | YouTube
Fireblocks Discloses UniPass Vulnerability
The Fireblocks security team disclosed an ERC-4337 Account Abstraction-related vulnerability in UniPass's smart contract wallet. Attackers could have exploited the vulnerability by modifying the trusted EntryPoint in hundreds of UniPass wallets, which would allow them to control and drain funds from the wallets. Together with Fireblocks, UniPass executed a whitehat operation to patch the vulnerability, setting the EntryPoint of impacted wallets to a new rescue contract and adding missing permissions. Fireblocks highlighted the challenges of securing modular smart contracts and the need for standardized security measures such as ERC-6900.
Arbitrum Orbit Is Mainnet Ready
Arbitrum Orbit, a tech stack for deploying L3 appchains on Arbitrum AnyTrust chains, is now mainnet ready. Orbit chains can post data availability to Arbitrum One or Arbitrum Nova, enabling ultra-low-cost transactions. Gaming and derivatives platforms have emerged as top application use cases for Orbit chains. Service providers Caldera, Conduit, and AltLayer will facilitate the deployment of Orbit chains. Arbitrum Orbit is compatible with Stylus, a tech stack that supports smart contracts written in any WASM-compatible language. Orbit chains can also integrate Arbitrum Nitro updates without having to obtain governance approval.
Polygon zkEVM Inca Berry Upgrade
zaPolygon has initiated the Inca Berry Upgrade for its zkEVM Mainnet Beta, which introduces cryptographic enhancements, bug fixes, and updates to the prover and node. A 10-day timelock, set to conclude on November 5th, is in place for users to withdraw funds and for developers to test the update. Developers will need to adopt the latest versions of the node and prover once the upgrade is live on the Ethereum Mainnet,
MetaMask Bridge Portal Expands Networks
MetaMask added support for bridging between Base, zkSync Era, and Linea, bringing the total number of supported networks to nine within its bridge portal. Powered by bridge aggregators Socket and LI.FI, the portal includes bridge providers like Hop, Celer cBridge, and Polygon Bridge. A 0.875% fee is applied to all bridging transactions on MetaMask's portfolio dapp.
Other News
- DeBridge kicks off OP rebates
- S.box onchain URL shortener
- Polygon Miden VM v0.7 release
- Besu v23.10.1 release
- Fe v0.25.0 release
- CCTP is live on Base
- Etherscan 4337 tx display format
- Rated now tracks Holesky testnet
- LayerZero wstETH OFT concerns
- Kraken releases user data to IRS
- Blockworks introduces Arbitrum Coalition
- Frame live on Arbitrum Nitro testnet
- Aera treasury mgmt protocol
- PRISMA tokenomics
Subscribe
🔗 Website | 🎙️ Podcast | 🎥 Video | 🌿 Lens | 🐦 Twitter | 🟪 Farcaster