As reported by @cat5749, a scam surfaced on Dec. 31, 2021 to reward $YEAR tokens to ETH transactions based on the contents of their Metamask wallet.
Investors in a new cryptocurrency called $YEAR were the subject of a honeypot scam, as tweeted by @cat5749. Essentially a token creator used a website called EtherWrapped that connected to a Metamask wallet. The individual or group of individuals allotted $YEAR token rewards to users based on their ETH transactions throughout the previous year.
Everything on Ethereum is handled via smart contracts which run on the Ethereum Virtual Machine. Smart contracts can be freely viewed using Etherscan. To create a new token, an entity must create a new smart contract in a decentralized application language called Solidity and deploy it to the Ethereum Virtual Machine. Initially, when the contract is uploaded, it is an “unverified” contract.
In the case of this scam, the smart contract was verified when members of the Ethereum community clamored for verification. By verification, the contract became public. This means that the smart contract code was open to scrutiny.
A newer exploit is for malicious entities to create seemingly benign smart contracts, with traps hidden in plain sight. These are impervious to code inspections, as there are often no obvious signs that the smart contract owner wishes to engage in malicious activity. In the case of the $YEAR token and smart contract, a Twitter user named @cat5749 and others examined that smart contract for apparent traps in the code. They couldn’t find anything that looked suspicious. They came across a function called “_burnMechanism” which would fail if contact was attempted with the contract owner. This didn’t raise any obvious red flags, but would prove instrumental in diagnosing how the attack happened.
Revoking ownership to crash new coin
The owner revoked ownership of the contract, and made its new owner the decentralized exchange, UniSwap V2. This meant that only purchases could be made from UniSwap V2, but nothing could be sold to UniSwap V2. The smart contract owner would then become the only seller, causing the price of the $YEAR token to increase. As users saw the price increasing, FOMO made them want to buy.
When a new token is created, the creator must develop a way for users to buy and sell the token. This sometimes means that the creator will place a valuable token such as ETH and their new token in a trading pool. Buyers of the new token will need to supply the valuable token to get the new token. What can happen is that the creator can pull out his original valuable token plus the new token. Due to the way automated market makers work, this will remove more of the valuable token than the worthless token.
The creator then pulled out liquidity from UniSwap V2, including over 30 ETH, and caused the new token to crash, leaving some very disgruntled investors.
What do you think about this subject? Write to us and tell us!
Disclaimer
All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.
Note: This article have been indexed to our site. We do not claim legitimacy, ownership or copyright of any of the content above. To see the article at original source Click Here
Apple EarPods Headphones with Lightning Connector, Wired Ear Buds for iPhone with Built-in Remote to Control Music, Phone Calls, and Volume
$17.09 (as of November 7, 2024 18:48 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Symcele Designed for iPhone 16 Pro Case, Compatible with MagSafe, with Privacy Screen Protectors X2, [Camera Protection] [15FT Military Drop Protection] Shockproof Phone Case, 2024, Black
$15.99 (as of November 7, 2024 18:48 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
10 Yards Velvet Ribbon Spool (Wine, 5/8")
$7.99 (as of November 7, 2024 18:44 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
BrightChristmas Christmas Lights 1200 LED 394 FT, Waterproof Outdoor String Lights with Remote and Timer, Christmas Tree Lights with 8 Modes Dimmable, Fairy Lights for Holiday Decor (Multicolor)
$39.99 (as of November 7, 2024 18:48 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
