Huma Protocol on Polygon suffered a security breach resulting in a loss of approximately $101,390. The exploit was traced to a vulnerability in the refreshAccount(address) function, which allowed an unapproved credit line to be moved from 'Requested' to 'GoodStanding' status. The attacker used this approval-state bypass in the credit lifecycle to drain 82,315.57 native USDC and 19,074.73 USDC.e. The key transactions in the attack include the main exploit transaction and a state refresh transaction that set the stage for it. The attacker used several wallet addresses, including an EOA and a borrower contract, to execute the attack.
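The class of bug described above can be caught with an invariant test: no sequence of unprivileged calls may ever make a drawdown succeed. The following is an added example, a constructed Python model and not Huma's contract code; the Approved state, the method names and the refresh logic are assumptions made for illustration.

```python
from enum import Enum
from itertools import product

class State(Enum):
    REQUESTED = 1
    APPROVED = 2        # assumed intermediate state, not named on the page
    GOOD_STANDING = 3

class CreditLine:
    """Constructed model of one borrower's credit record."""
    def __init__(self, guarded):
        self.guarded, self.state, self.drawn = guarded, None, 0

    def request(self):              # unprivileged
        if self.state is None:
            self.state = State.REQUESTED

    def approve(self):              # privileged (underwriter role)
        if self.state is State.REQUESTED:
            self.state = State.APPROVED

    def refresh(self):              # unprivileged bookkeeping call
        approved = self.state in (State.APPROVED, State.GOOD_STANDING)
        if self.guarded and not approved:
            return                  # hardened: never touch unapproved records
        if self.state is not None and self.drawn == 0:
            self.state = State.GOOD_STANDING   # nothing overdue -> "current"

    def drawdown(self, amount):     # unprivileged (borrower)
        if self.state not in (State.APPROVED, State.GOOD_STANDING):
            return False
        self.drawn += amount
        return True

UNPRIVILEGED = ("request", "refresh", "drawdown")

def bypass_sequences(guarded, max_len=3):
    """All unprivileged call sequences in which a drawdown succeeds."""
    found = []
    for n in range(1, max_len + 1):
        for seq in product(UNPRIVILEGED, repeat=n):
            line = CreditLine(guarded)
            results = [line.drawdown(100) if c == "drawdown"
                       else getattr(line, c)() for c in seq]
            if True in results:
                found.append(seq)
    return found

if __name__ == "__main__":
    print("unguarded:", bypass_sequences(False))
    print("guarded:  ", bypass_sequences(True))
```

The same invariant translates directly to a fuzz or invariant test in a Solidity test framework, with the privileged role excluded from the set of callers.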