CryptoPotato
CryptoPotato
  • Crypto News
  • Margin Trading
  • Guides
    • Bitcoin & Crypto Guides 101
    • Bitcoin For Beginners
    • Editorials
  • DeFi & NFT
  • Buy
  • Language
  • Crypto News
  • Bitcoin For Beginners
  • Cryptocurrency Guides 101
  • Editorials
  • Bitcoin & Crypto Margin Trading
  • DeFi & NFT News
  • Bitcoin Price Analysis
  • CryptoPotato Crypto Fund
  • Ethereum (ETH) Price Analysis
  • Ripple (XRP) Price Analysis
  • Market Updates
  • Interviews
  • Buy Bitcoin with Card
  • bitcoin
    BTC$23,011.00
  • ethereum
    ETH$1,593.45
    • Market Updates
    • BTC Analysis
    • ETH Analysis
    • XRP Analysis
    • Interviews
    • Opinions
    CryptoPotato
    CryptoPotato
    • Crypto News
    • Margin Trading
    • Guides
      • Bitcoin & Crypto Guides 101
      • Bitcoin For Beginners
      • Editorials
    • DeFi & NFT
    • Buy
    • Language
    • Crypto News
    • Bitcoin For Beginners
    • Cryptocurrency Guides 101
    • Editorials
    • Bitcoin & Crypto Margin Trading
    • DeFi & NFT News
    • Bitcoin Price Analysis
    • CryptoPotato Crypto Fund
    • Ethereum (ETH) Price Analysis
    • Ripple (XRP) Price Analysis
    • Market Updates
    • Interviews
    • Buy Bitcoin with Card
    Home » Crypto News » PancakeSwap Lottery Hack: $1.8 Million in Question

    PancakeSwap Lottery Hack: $1.8 Million in Question

    Author: Varun GS

    Last Updated May 14, 2021 @ 18:07

    $1.8M was drained from the PancakeSwap Lottery pool a few weeks ago via an exploit.

    The Binance Smart Chain continues to see some of the projects being built on it exploited. The latest was done by someone who had access to the PancakeSwap admin address.

    The Exploit

    It’s an age-old problem with smart contracts: randomness. Solidity has no native random function, and all sources of randomness have to be on-chain. Projects use things like block headers, transaction hashes, and more to create legitimate sources of randomness, but none are truly random – they are merely pseudorandom.

    This issue has led to exploits in the past, such as the recent Meebits exploit. The PancakeSwap lottery numbers were generated based on certain predictable conditions. The exploiter could use this information to predict the numbers in advance, thus draining the entire pool.

    Who Did It, and Why?

    The author of this post has provided detailed evidence proving that this may indeed have been foul play from the PancakeSwap admins, given that they created the contract, ‘found’ the exploit, and took the money using their own address.

    While it’s true that the admin account did make use of the exploit and drain the funds, the author has a misconception: this was no foul play, and the funds weren’t stolen. While there has been no official statement from the PancakeSwap team on the matter, this event was clearly a white hat removal of funds from the contract, preventing a malicious actor from figuring out the bug and exploiting it.

    ADVERTISEMENT

    This is evident, first of all, from the fact that the PancakeSwap admins used their public known address to carry out the exploit. If they wished to drain the funds maliciously, they would have used an anonymous account. Secondly, the funds recovered from the lottery pool are being burned in batches by the admin address.

    While an exploit is scary and never a good sign, the handling of this by the team instills some confidence, proving that PancakeSwap is willing to fix issues when necessary (even though they could have trivially taken the morally reprehensible path by stealing user funds).

    SPECIAL OFFER (Sponsored)
    Binance Free $100 (Exclusive): Use this link to register and receive $100 free and 10% off fees on Binance Futures first month (terms).

    PrimeXBT Special Offer: Use this link to register & enter POTATO50 code to receive up to $7,000 on your deposits.

    You Might Also Like:

    • CREAM_finance_cover
      CREAM Finance Exploited, Price Crashes 30% Instantly
    • rugpull_cover
      First Major Rug Pull on Binance Smart Chain? Over $30 Million Drained
    • hacker_steal_cover
      Rari Capital Will Reimburse Hack Victims with $26 Million From Developer Fund
    Tags: Hacking PancakeSwap
    Enjoy reading? Share with your friends
    Facebook Twitter LinkedIn Telegram

    About The Author

    Varun GS
    More posts by this author

    Varun is a writer and computer scientist. He enjoys looking at how cryptocurrencies are reshaping the way the world thinks about economics & finance. You'll most likely find him either studying or gambling on DeFi contracts. Contact: LinkedIn

  • bitcoin
    BTC$23,011.00
  • ethereum
    ETH$1,593.45
  • Join Our Community

    FacebookTwitter YouTubeTelegram


    Editorials
    How Long Will the Ethereum LSD Narrative Last? Talking 2023 Trends with Nansen’s Martin Lee

    How Long Will the Ethereum LSD Narrative Last? Talking 2023 Trends with Nansen’s Martin Lee

    Everything That’s Going on With Pi Network: From Start to Latest Controversial Listing

    Everything That’s Going on With Pi Network: From Start to Latest Controversial Listing

    What is Ethereum Liquid Staking and Why It Is Crucial As Shanghai Upgrade Approaches?

    What is Ethereum Liquid Staking and Why It Is Crucial As Shanghai Upgrade Approaches?

    The Lesson in Alameda-FTX About Government Regulation and Crypto (Opinion)

    The Lesson in Alameda-FTX About Government Regulation and Crypto (Opinion)

    5 Bullish and 2 Bearish Cases for DeFi Going Into 2023 (Opinion)

    5 Bullish and 2 Bearish Cases for DeFi Going Into 2023 (Opinion)

    From Google and Microsoft to Binance: Interview with Head of Product Mayur Kamat

    From Google and Microsoft to Binance: Interview with Head of Product Mayur Kamat

    13 Biggest Crypto Scandals and Controversial Stories of 2022

    13 Biggest Crypto Scandals and Controversial Stories of 2022

    Join Our Newsletter
    Become a CryptoPotato VIP
    One Weekly Email Can Change Your Crypto Life.
    Sign-up FREE to receive our extended weekly market update and coin analysis report
    We NEVER send spam. You can unsubscribe at any time.
    Invalid email address
    Thanks for subscribing!
    Footer Logo
    About
    Advertise on CryptoPotato
    About Us | Contact Us | Careers
    Editorial Policy
    Terms of service | Privacy Policy | GDPR
    More Sections
    IEO List | Evaluations
    Airdrops
    Scholarship
    Disclaimer
    Disclaimer: Information found on CryptoPotato is those of writers quoted. It does not represent the opinions of CryptoPotato on whether to buy, sell, or hold any investments. You are advised to conduct your own research before making any investment decisions. Use provided information at your own risk. Full disclaimer
    © Copyright CryptoPotato 2016 - 2021
    Scroll to top
    One Weekly Email Can Change Your Crypto Life.

    Sign-up FREE to receive our extended weekly market update and coin analysis report

    We never send SPAM. You can unsubscribe at any moment
    Invalid email address
    Thanks for subscribing!