A security flaw in the EIP-7702 account has been exploited, resulting in the theft of 1,988.5 QNT, equivalent to approximately 54.93 ETH, from the QNT reserve pool. The breach occurred when the reserve pool's externally owned account (EOA) delegated code execution to the BatchExecutor contract, which mistakenly authorized the BatchCall contract as a caller. Due to the absence of permission checks in the BatchCall.batch() function, unauthorized external callers were able to deplete the reserve pool's assets.
EIP-7702 Vulnerability Leads to Theft of 1,988.5 QNT
Disclaimer: The content provided on Phemex News is for informational purposes only. We do not guarantee the quality, accuracy, or completeness of the information sourced from third-party articles. The content on this page does not constitute financial or investment advice. We strongly encourage you to conduct you own research and consult with a qualified financial advisor before making any investment decisions.