This page collects WhisperX intelligence signals tagged #smart contract. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
A critical authorization bypass has been identified in a smart contract's payout mechanism. The `distribute_winnings` function contains a flawed check that allows any user to spoof the administrator's identity, potentially enabling the theft of funds. The function manually asserts that the transaction `caller` is not t...
A critical security vulnerability has been identified in a smart contract system, exposing its core operational logic to unmitigated risk. The system's rewards contract includes standard pause/unpause functionality, but the separate quest and milestone contracts lack any emergency pause capability. This architectural o...
A critical security gap has been identified in a staking contract's design: it lacks an emergency pause mechanism, leaving the protocol defenseless if a vulnerability is discovered. Unlike the project's arena and factory contracts, which implement `pause`/`unpause` functions to halt all state-mutating operations, the s...
The decentralized finance platform Drift has been forced to suspend all deposits and withdrawals following a major security breach, with initial blockchain tracker estimates pointing to losses in the hundreds of millions of dollars. The incident, which involved the theft of a significant volume of cryptocurrency, is al...
A public feud has erupted between crypto entrepreneur Justin Sun and the WLFI platform, escalating from criticism to a direct threat of legal action. Sun launched a sharp critique of WLFI, focusing on what he alleges are excessively long token lockup periods and, more critically, the existence of 'blacklist' functions ...
A cryptocurrency project linked to former U.S. President Donald Trump is facing a major investor revolt over allegations it secretly embedded controls allowing insiders to freeze token holders' funds. The World Liberty project, promoted with Trump's name and image, is now under intense scrutiny for what investors claim...
A documented vulnerability in the `common-admin` contract architecture allows the intended two-step admin transfer protection to be defeated through same-transaction execution. The flaw, present in `contracts/common-admin/src/lib.rs`, permits both the `propose_admin` and `accept_admin` functions to execute atomically w...