According to Odaily, Casper has announced the successful resolution of a vulnerability in its testnet. On August 7, UTC, an unusual increase in transaction volume was detected on the testnet. Upon investigation, it was discovered that a large number of transactions had been submitted within a few hours, all invoking the add_bid routine on the auction contract. The attack exploited the fact that the auction contract did not specify a minimum value for the add_bid function, allowing thousands of transactions to be submitted at almost zero cost, with bid amounts close to zero.

Casper has responded by increasing the cost of the add_bid function to 3,500 CSPR and introducing a minimum bid of 10,000 CSPR. The community does not need to take any further action. No funds were stolen, and the mainnet was not affected.