BlockSec has discovered two major vulnerabilities in digital collectible contracts, locking up $34 million in funds.
The BlockSec team recently discovered two serious vulnerabilities in a certain digital collectible contract. These two vulnerabilities could lead to user assets being locked and the project party being unable to withdraw over $34 million in funds.
The first vulnerability involves the refund feature. The refund function in the contract uses a single loop to pay out refunds to all users, so if any recipient is a contract that rejects the incoming transfer (for example by reverting when it receives ETH), the whole transaction reverts and no user receives a refund. Fortunately, this vulnerability has not been exploited.
For projects that require refunds, it is recommended to take the following security measures:
The second flaw is a code error. The function for withdrawing project funds contains a wrong conditional check: it should compare the refund progress with the bid index, but it mistakenly compares it with the total number of bids. Because the refund progress stops at a value below the total number of bids and never advances further, the condition can never be satisfied, and the project party cannot withdraw the funds locked in the contract.
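To make both defects concrete, the following is an added illustration written for this page and not the audited contract's code; the storage layout, the `cutoff` variable and all names are assumptions. It shows the push-style refund loop described above beside a pull-based refund, and a withdrawal check written against the correct index:

```solidity
pragma solidity ^0.8.20;
// Added illustration, not the audited contract's code. Assumed layout: bids stored
// lowest-first; indices below `cutoff` lost and are refunded, indices from `cutoff`
// upward won. Both refund paths are side by side for contrast; keep only the pull one.
contract AuctionSettlement {
    address public immutable owner;
    address[] public bidders;
    uint256[] public amounts;
    uint256 public cutoff;          // first winning index, fixed at auction close
    uint256 public refundProgress;  // next losing index still to be refunded
    mapping(address => uint256) public claimable;
    constructor(address[] memory b, uint256[] memory a, uint256 c) payable {
        owner = msg.sender; bidders = b; amounts = a; cutoff = c;
    }
    // Push-style refund loop, the pattern the article describes: one recipient
    // that reverts (e.g. a contract without a payable receive()) reverts the
    // whole transaction, so none of the losers can ever be refunded.
    function refundLosersPush() external {
        for (uint256 i = refundProgress; i < cutoff; i++) {
            (bool ok, ) = bidders[i].call{value: amounts[i]}("");
            require(ok, "refund failed");
        }
        refundProgress = cutoff;
    }

    // Pull-style alternative: the loop only records credits; each loser claims
    // separately, so one hostile address cannot block the others.
    function creditLosers() external {
        for (uint256 i = refundProgress; i < cutoff; i++) claimable[bidders[i]] += amounts[i];
        refundProgress = cutoff;
    }

    function claimRefund() external {
        uint256 amt = claimable[msg.sender];
        require(amt > 0, "nothing to claim");
        claimable[msg.sender] = 0;  // zero the credit before the external call
        (bool ok, ) = msg.sender.call{value: amt}("");
        require(ok, "claim failed");
    }

    // Project withdrawal. The mis-written check the article describes would be
    // `require(refundProgress >= bidders.length)`: refundProgress stops at
    // `cutoff`, so that condition never holds and the proceeds stay locked.
    function withdrawProceeds() external {
        require(msg.sender == owner, "not owner");
        require(refundProgress >= cutoff, "refunds incomplete");
        (bool ok, ) = owner.call{value: address(this).balance}("");
        require(ok, "withdraw failed");
    }
}
```

A unit test that deploys this with one bidder address set to a contract whose receive() reverts will see `refundLosersPush` fail for everyone while `creditLosers` plus `claimRefund` still pays the other losers.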
These vulnerabilities once again highlight that even well-known projects can make fundamental mistakes. Development teams need to write comprehensive test cases and possess basic security awareness. While security audits have become a standard practice in the decentralized finance sector, they are still lacking in digital collectibles projects, and this incident has resulted in massive losses.
This event reminds us that even highly regarded projects can have serious vulnerabilities. It emphasizes the importance of conducting comprehensive security audits in blockchain project development, especially when handling large amounts of funds. The project party should place greater importance on contract security to prevent similar costly mistakes from occurring.