The attack took place today and involved several transactions that took money from the #Sentiment protocol on the #Arbitrum Layer 2 scaling solution.
Because that Sentiment has not provided an explanation, several members of the community have conjectured that the project was hacked using blockchain information.
A smart contract called Synapse Bridge, which connects Sentiment and Arbitrum, has a bug that the hacker uses to his advantage. In order to avoid paying back the debt, the hacker was able to repeatedly withdraw #USDC from the bridge, which led to a reentry attack.
The attack's wallet has been dubbed "Sentimentxyz Exploiter" by Arbiscan, and the team has tweeted that they are aware of a "potential issue" with the protocol.
Developer Pascal Marco Caversaccio proposed that the incident was probably the result of a reentry attack. Before a Sentiment contract that is vulnerable to this form of attack can have its status changed, an external contract must communicate with it often.
Further investigation suggests that the attacker might have gained the deployer key for the protocol. The attacker began by sending a contract to the address below on the Arbitrum network.
Sentiment has taken steps to ascertain the incident's primary cause and lessen the likelihood of additional casualties. In addition to working with outside auditors and security firms, the team has gotten in touch with police enforcement. The attack raised concerns about Layer 2 solutions' dependability and security as well as their compatibility with other protocols.
This news is republished from https://coinaquarium.io/