Ethereum Dev Reports “Critical Vulnerabilities” in Gambling App FairWin
An Ethereum developer has reported finding a critical vulnerability in the gambling game FairWin, which is believed to have been using most of the network's capacity earlier this month.
Philippe Castonguay, R&D researcher for blockchain-gaming studio Horizon Games, says that the gambling app built upon Ethereum’s network has multiple vulnerabilities,
[FairWin] contains critical vulnerabilities that put all funds at risk...details on the exploits will be published soon.
Castonguay expanded upon the vulnerabilities to The Block,
One allowing the owner/admin of the contracts to totally drain [the smart contract containing $8 million in ether], one where the admin can prevent users from withdrawing forever and one where anyone, not just the owner, can steal new deposits.
In addition to pointing out the application’s vulnerabilities, Castonguay also called FairWin a “ponzi scheme.” The description of the game’s structure more closely resembles a pyramid scheme, paying abnormal dividends to users who deposit ether on the platform while providing network effect incentives to more vested participants.
Despite the accusations of being a scheme, FairWin has managed to gain a substantial foothold on Ethereum’s network. Tracking platform ETH Gas Station shows that the gambling game accounts for more than 60% of total gas usage on Ethereum, with more than $8 million in ether locked in smart contracts.
FairWin’s website claims the gambling app has no risk of stolen funds and the smart contract code has been “securely authenticated.”
Featured Image Credit: Photo via Pixabay.com
Back to the list