By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.

AkuDream Smart Contract Bug Locks Away $33 Million in Ether

Quick take:

  • A smart contract bug of the AkuDream NFT project locks $33 million… forever.
  • 11,500 Ether is now locked up in the contract with no way to get it back.

A smart contract vulnerability has hit AkuDreams, a much-anticipated NFT. The flaw abused the smart contract, causing the auction to be interrupted and leaving them with no way to access $33 million in assets.

The exploit and vulnerability caused over 11,500 Ether worth $33 million to be stuck in the smart contract indefinitely. Even the development team was unable to access the funds.

A pricey bug

The “attack” backfired when someone attempted to illustrate a contract weakness rather than steal funds through hacking.

NFT developer 0xInuarashi used his Twitter account to reveal the $33 million bug's specifics.

He said that the Akutars smart contract was created in such a way that bidder refunds had to be handled first before the team could withdraw funds from the contract.

The contract's issue was that it required a certain number of bids to allow the team to withdraw the assets. However, the minimum number of bids was set at the same number as the number of NFTs offered for auction.

Contract conditions will be locked indefinitely due to certain purchasers minting numerous NFTs in the same bid. This effectively locked in the $33 million payment for the rest of the contract's life.

The team publicized it as a feature

The Aku team entirely ignored the vulnerability and termed it a feature in what looks to be a deleted tweet.

A person took advantage of the contract during the mint, locking the contract's ability to repay underbidders. In addition, the person sent the following note to the Akutars team:

“Well, this was fun, had no intention of actually exploiting this lol. Otherwise, I wouldn’t have used Coinbase. Once you guys publicly acknowledge that the exploit exists, I will remove the block immediately.”

The Kutars responded on Twitter, claiming that the individual was not attempting to take advantage of the contract but rather was attempting to draw attention to it.

On Sunday, the team stated that it had rewritten its minting contract. Despite rewriting the contract, the funds were still blocked and look to be lost forever.

The information provided on DecentReviews does not constitute investment advice, financial advice, trading advice, or any other sort of advice. Do not treat any of the websites content as such. DecentReviews does not recommend that any cryptocurrency or blockchain asset should be bought, sold, or held by you. Conduct your own due diligence and consult your financial advisor before making any investment decisions.

Get free Web3 analysis and news in your inbox

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Platforms/tools Mentioned:

There are no products mentioned.
This page may contain affiliate links. Learn more