Socket Suffers $3.3 Million Exploit
An attacker siphoned assets from users who had open token approvals for a vulnerable SocketGateway contract.
Quick Take
- Socket suffers a $3.3 million exploit.
- 30 EIPs proposed for the Prague/Electra upgrade.
- IRS releases an update on 6050i requirements.
- CCIP integrates with CCTP.
Listen on: Apple | Castbox | Spotify | YouTube | Lens
This episode is sponsored by Harpie!
Harpie is an onchain security solution that protects your wallet from theft in realtime. Harpie helps you detect and block suspicious transactions before they execute, safeguarding your assets from malicious attacks and scams. Try Harpie for free at harpie.io/ethdaily.
Socket Suffers $3.3 Million Exploit
Cross-chain bridge protocol, Socket, suffered an exploit caused by a vulnerable SocketGateway contract, resulting in the theft of over $3.3 million in user assets. An attacker siphoned assets from users who had open token approvals for the vulnerable SocketGateway contract, which was deployed just three days prior to the exploit. In response, Socket temporarily disabled the affected SocketGateway contract. Users are still advised to revoke their token approvals for this contract. The attack appears to be confined to Ethereum Mainnet. The attacker converted the stolen stablecoin assets into ETH. Among the victims, one user lost 656,682 USDC. Users from third-party wallet providers that use Socket’s liquidity layer, including Rainbow and Zerion, were also impacted.
EIPs Proposed For Prague/Electra
Ethereum community members have proposed roughly 30 EIPs for the upcoming Prague/Electra upgrade, which is currently the next hardfork after Dencun. The EIPs cover a variety of areas, including Verkle Trees, Ethereum Object Format (EOF), Simple Serialize (SSZ), PeerDAS, new opcodes, new precompiles, and new transaction types. During the last ACDE call, core developers agreed that the Prague/Electra upgrade should prioritize the implementation of Verkle Trees. EOF, a set of EIPs designed to offer an optional container for EVM code, was previously pushed from the Dencun upgrade with the intention of including it in the Prague hard fork. Notable among the proposed EIPs are EIP-4444, EIP-7212, EIP-7002, and EIP-7034. Active discussions regarding the proposals are currently taking place in the Ethereum Magicians forum.
IRS Update On 6050I Requirement
The IRS announced an update concerning the reporting requirement for business digital asset transactions of $10,000 or more. The new rule, which became effective this year, is an extension of the current rule applicable to cash transactions, and it requires the filing of a report within 15 days following the transaction. In the today’s update, the IRS stated that businesses are not required to report the receipt of $10k digital assets until both the U.S. Treasury and the IRS issue specific regulations. The clarification follows a statement by Coin Center indicating the absence of clear guidelines on reporting such transactions. The IRS is also accepting public comment on the new requirement.
CCIP Integrates With CCTP
Chainlink’s Cross-Chain Interoperability Protocol (CCIP) is now integrated with Circle’s Cross-Chain Transfer Protocol (CCTP), enabling improved security for USDC transfers. The integration allows developers building on CCIP to enable USDC transfers across seven CCTP-supported chains. CCIP enables arbitrary cross-chain messaging while CCTP is a dedicated bridging protocol for native USDC.
Other News
- Vitalik on defining Validiums vs Rollups
- Goerli Dencun hardfork will go live soon
- Expectations for the Goerli hard fork
- Polygon to join the Tokenized Asset Coalition
- Synonym Finance mainnet on 30th January
- Introducing Safe Crosschain
- PartyDAO introduces chat
- Term Labs weETH lending market
- Implementation of ERC-5564 stealth addresses
- DAO-powered implementation of Shutter Network
Subscribe
🔗 Website | 🎙️ Podcast | 🎥 YouTube | 🐦 X | 🌿 Lens | 🟪 Farcaster