SlowMist Analysis: GMX v1 has a design flaw, GLP price can be manipulated by reentrancy attacks

PANews
2025/07/10 07:52
GMX
GMX$11.64-19.55%
The Root Network
ROOT$0.003866+17.00%

PANews reported on July 10 that in response to the GMX attack, SlowMist analysis pointed out that the root cause of the attack was a design flaw in GMX v1: in this version, short selling operations would immediately update the global short average price (globalShortAveragePrices), and this price would directly affect the calculation of the asset management scale (AUM), thereby enabling attackers to manipulate the pricing of GLP tokens.

The attackers took advantage of this design flaw and used Keeper's function of enabling timelock.enableLeverage during order execution (a prerequisite for creating a large short position). Through a reentrancy attack, they successfully established a large short position, thereby manipulating the global average price, artificially raising the GLP price in a single transaction, and profiting from redemption operations.

According to news from yesterday, GMX stated that it has suspended trading on GMXV1 and the minting and redemption of GLP. About $40 million was stolen.

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact service@mexc.com for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.

You May Also Like

New wallet spent $1.91 million to purchase 6.64 million USELESS at an average price of $0.288

New wallet spent $1.91 million to purchase 6.64 million USELESS at an average price of $0.288

PANews reported on July 10 that according to Onchain Lens monitoring, a newly created wallet purchased 6.64 million USELESS tokens at a price of US$0.288 per coin, spending a total
USELESS COIN
USELESS$0.297896+12.44%
Ambire Wallet
WALLET$0.01517+5.71%
Share
PANews2025/07/10 15:40
BNB completes 32nd quarterly destruction, worth approximately $1.024 billion

BNB completes 32nd quarterly destruction, worth approximately $1.024 billion

PANews reported on July 10 that the BNB Foundation announced the completion of the 32nd quarterly destruction, with a total of 1,595,599.78 BNBs destroyed, worth approximately $1.024 billion. This includes
Binance Coin
BNB$670.7+1.43%
Share
PANews2025/07/10 15:44
Trader Eugene: Memecoin market may not fall due to Pump.fun TGE, it may even be a buying opportunity

Trader Eugene: Memecoin market may not fall due to Pump.fun TGE, it may even be a buying opportunity

PANews reported on July 10 that trader Eugene said that the decline in the Memes market due to the launch of TGE by the Pump.fun platform does not seem to
Notcoin
NOT$0.001985+6.32%
MAY
MAY$0.05811-1.54%
PUMP
PUMP$----%
FUNToken
FUN$0.012967+3.53%
MEMES
MEMES$0.00008862-2.64%
Share
PANews2025/07/10 15:31

Trending News

More

New wallet spent $1.91 million to purchase 6.64 million USELESS at an average price of $0.288

BNB completes 32nd quarterly destruction, worth approximately $1.024 billion

Trader Eugene: Memecoin market may not fall due to Pump.fun TGE, it may even be a buying opportunity

South Korean software developer Polaris Office files trademark application for Korean won stablecoin

Trump-linked American Bitcoin raises $220M to purchase Bitcoin and mining rigs