Poolz suffers from arithmetic overflow attack, multi-chain losses amounting to $665,000.
Recently, an attack on the Poolz platform has attracted widespread attention from the cryptocurrency community. The attacker exploited an arithmetic overflow vulnerability in the smart contract, successfully stealing approximately $665,000 worth of crypto assets from multiple networks including Ethereum, BNB Chain, and Polygon.
According to on-chain data, the attack occurred on March 15, 2023, involving multiple tokens including MEE, ESNC, DON, ASW, KMON, and POOLZ. The attacker cleverly exploited a vulnerability in the CreateMassPools function of the Poolz platform.
The core issue of the attack lies in the getArraySum function. This function was supposed to be used to calculate the initial liquidity when users batch create pools, but due to integer overflow, attackers only needed to transfer a minimal amount of tokens to create pools with a large amount of false liquidity. Subsequently, the attackers withdrew the incorrectly recorded amount of tokens using the withdraw function.
Technical analysis shows that the attackers first exchanged a small amount of MNZ tokens through a certain decentralized exchange. Then, they called the vulnerable CreateMassPools function, passing in carefully crafted parameters that caused the sum of the _StartAmount array to exceed the maximum value of uint256 during accumulation, resulting in an overflow. This made the system mistakenly believe that the attackers had provided a large amount of liquidity, when in fact only 1 token was transferred.
To prevent such issues from occurring again, industry experts recommend that developers use newer versions of the Solidity programming language, in which the compiler automatically adds overflow checks to arithmetic operations. For projects using older versions of Solidity, it is advisable to incorporate OpenZeppelin's SafeMath library to handle integer operations, thereby avoiding overflow risks.
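The accounting mismatch behind the getArraySum overflow, and the effect of a checked sum, can be modelled in a few lines. This is an added example, not Poolz contract code: it imitates uint256 arithmetic in Python, and the function names, the simplified pool-creation logic and the sample amounts are assumptions made for illustration.

```python
# Added illustration: Python model of uint256 arithmetic, not Poolz contract code.
UINT256_MAX = 2**256 - 1

class Overflow(Exception):
    """Stands in for the revert that a checked addition triggers."""

def wrapping_sum(amounts):
    """Unchecked accumulation: each addition wraps modulo 2**256."""
    total = 0
    for a in amounts:
        total = (total + a) & UINT256_MAX
    return total

def checked_sum(amounts):
    """Checked accumulation: refuse any addition that would exceed uint256."""
    total = 0
    for a in amounts:
        if a > UINT256_MAX - total:
            raise Overflow(f"sum exceeds uint256 at element {a}")
        total += a
    return total

def create_mass_pools(start_amounts, sum_fn):
    """Hypothetical simplification of batch pool creation.

    Returns (tokens pulled from the caller, balances recorded per pool).
    """
    if any(not 0 <= a <= UINT256_MAX for a in start_amounts):
        raise ValueError("each amount must fit in uint256")
    return sum_fn(start_amounts), list(start_amounts)

def audit(start_amounts, sum_fn):
    """Invariant: tokens received must equal the total credited to pools."""
    transferred, pools = create_mass_pools(start_amounts, sum_fn)
    credited = sum(pools)  # Python ints do not wrap, so this is the true total
    return {"transferred": transferred, "credited": credited,
            "solvent": transferred == credited}

# Constructed sample input: two amounts whose true sum is 2**256 + 1.
CONSTRUCTED_AMOUNTS = [UINT256_MAX, 2]

if __name__ == "__main__":
    print(audit(CONSTRUCTED_AMOUNTS, wrapping_sum))  # transferred is 1, not solvent
    try:
        audit(CONSTRUCTED_AMOUNTS, checked_sum)
    except Overflow as exc:
        print("rejected:", exc)
```

The `audit` invariant (tokens received equal tokens credited) is the kind of property a unit test or fuzzing harness can assert on any batch-deposit function.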
This event once again highlights the importance of security audits for smart contracts. With the continuous development of the decentralized finance (DeFi) ecosystem, project teams need to pay more attention to code security, conduct regular security checks, and promptly fix potential vulnerabilities to protect user asset safety.