Did ERC-2771 and Multicall Integration Cause Web3's Smart Contract Vulnerabilities? ☠️
#OpenZeppelin identified 13 vulnerable smart contracts resulting from the ERC-2771 and Multicall integration.
#Thirdweb revealed a widespread security risk affecting common Web3 contracts, prompting alerts from OpenZeppelin, Coinbase NFT, and OpenSea.
The issue stems from a flawed integration, which allows potential exploitation. OpenZeppelin proposed a 4-step safety protocol that advises disabling forwarders, pausing contracts, revoking approvals, upgrading, and evaluating snapshots.
Thirdweb launched a tool to check #vulnerabilities. Velodrome paused Relay services for a secure update. AI's role in contract auditing was discussed; while not on par with human auditors, it accelerates and strengthens the process, according to Librehash's James Edwards.