Home
News
Details

Security firm Innora discovers two critical vulnerabilities in the Ethereum lending protocol Saturn.

iconChaincatcher
Share
Share IconShare IconShare IconShare IconShare IconShare IconCopy
This is the logo of the coin.
ETH
$2,391.173.13%
AI summary iconSummary

expand icon
A security firm, Innora, has discovered two critical smart contract vulnerabilities in the Ethereum-based lending protocol Saturn. One flaw could freeze funds for 30 days or longer, while another allows privileged addresses to legally withdraw up to 33.33% of funds per operation. With over 90% of assets under privileged control, users face significant blockchain security risks. The report identifies a theoretical exposure of $4.26 million, and the issues remain unpatched.

ChainCatcher report: Security firm Innora has released a report identifying two critical vulnerabilities in the Ethereum-based yield protocol Saturn, including: Withdrawal Freeze Vulnerability: Under normal operational conditions, all user funds could be locked, with a minimum freeze duration of 30 days—or indefinitely in extreme cases. No hacker intervention is required; the protocol itself can trigger this issue. The privileged address within the protocol is permitted to legally withhold up to 33.33% of funds per transaction. Based on current data, this amounts to a maximum of approximately $157,000 per transaction, with a theoretical total risk exposure of up to $4.26 million. Innora noted that over 90% of Saturn’s assets are managed by the privileged address, leaving users entirely dependent on trust. As of the report’s publication, these vulnerabilities remain unpatched.

Source:Show original
Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information. Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.