According to Foresight News, GoPlus released the x402 ecological risk scanning report stating that several early x402 projects have high-risk vulnerabilities such as excessive permissions, unlimited minting, HonyPot, and signature replay. Among them, @402bridge experienced a permissions vulnerability that led to the theft of over 200 users' USDC, and Hello402 also faced a price fall due to unlimited minting and liquidity issues. AI scanning shows that the following projects all have serious risks that could allow assets to be directly withdrawn or bypass authorization, reminding users to be cautious of early x402 MEME project risks: FLOCK (0x5ab3): the transferERC20 function allows the owner to withdraw any amount of any token from the contract. x420 (0x68e2): the crosschainMint function can mint tokens without restriction. U402 (0xd2b3): the mintByBond function allows bond to mint tokens without limit. MRDN (0xe57e): the drawbackToken function allows the owner to withdraw any amount of any token from the contract. PENG (0x4444ee, 0x444450, 0x444428): the manualSwap function allows the owner to withdraw ETH from the contract, while the transferFrom function bypasses the permission checks for special accounts. x402Token (0x40ff): the transferFrom function bypasses the permission checks for special accounts. x402b (0xd8af5f): the manualSwap function allows the owner to withdraw ETH from the contract, while the transferFrom function bypasses the permission checks for special accounts. x402MO (0x3c47df): the manualSwap function allows the owner to withdraw ETH from the contract, while the transferFrom function bypasses the permission checks for special accounts. H402 (old version) (0x8bc76a): the drawbackDevToken function allows the owner to mint tokens directly, while the addTokenCredits + redeemTokenCredits functions can achieve unlimited minting.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Grayscale Stakes 102,400 ETH Worth $237 Million
Gate News message, April 25 — Grayscale has staked 102,400 ETH, valued at approximately $237 million, according to a post by Trader That Martini Guy on April 25. The move represents one of the largest institutional Ethereum staking actions in recent times.
Ethereum staking reduces the circulating s
GateNews44m ago
Ethereum NFT Trading Volume Hits $3.93M in 24 Hours, BAYC Surges Over 266%
Gate News message, April 25 — According to CryptoSlam, Ethereum NFT trading volume reached $3.934 million over the past 24 hours, up 72.78%. BAYC led the market with over $1.45 million in trading volume, posting a 266.35% surge in 24-hour activity.
Courtyard generated approximately $980,000 in trad
GateNews1h ago
KelpDAO Recovers $43M in rsETH, Narrows Shortfall to 89,500 ETH
Gate News message, April 25 — KelpDAO announced progress on rsETH holder recovery efforts coordinated with Aave and ecosystem partners since April 18. The initial shortfall was 163,200 ETH; Kelp has recovered 40,300 rsETH (approximately 43,000 ETH), and the Arbitrum Security Council has secured an a
GateNews1h ago
Aave Proposes 25,000 ETH to DeFi United for Kelp DAO Exploit Relief
Aave service providers put forth a governance proposal on Friday to contribute 25,000 ETH—worth nearly $58 million—from the protocol's DAO to DeFi United, a coordinated relief effort to restore backing for rsETH following the Kelp DAO exploit. The proposed contribution would help close the
CryptoFrontier2h ago
ETH ICO Whale Transfers 10,000 ETH to Multi-Sig Address, Likely Preparing for Sale
Gate News message, April 25 — An Ethereum ICO whale holding 1 million ETH transferred 10,000 ETH worth approximately $23.21 million to a multi-signature address, according to on-chain analyst monitoring. This marks the second such transfer within the past week.
The receiving address has
GateNews3h ago
Fluent Ethereum Layer 2 Mainnet Goes Live With BLEND Token and $50M Day-One Liquidity
Gate News message, April 25 — Fluent, an Ethereum Layer 2 network, launched its mainnet and native BLEND token on Friday with $50 million in committed day-one liquidity. The network features blended execution, an architecture that allows applications built for different virtual machines to operate w
GateNews3h ago
