The blockchain security resource PeckShield was the first to inform about the exploit against SushiSwap’s approval contract.
According to the firm, all 1,800 ETH (worth about $3.3 million) were drained from a single user – @0xsifu.
- The “RouterProcessor2” contract in question is used to execute trade routing on the popular decentralized exchange.
If you have approved https://t.co/E1YvC6VZsP, please *REVOKE* ASAP!
— PeckShield Inc. (@peckshield) April 9, 2023
- Jared Grey, SushiSwap’s head developer, also weighed in on the matter, outlining the “approval bug” and advising users to revoke the approval as soon as possible.
- Additionally, Grey tried to caution the community by noting that the team behind the DEX is working on finding a proper solution.
Sushi’s RouteProcessor2 contract has an approval bug; please revoke approval ASAP. We’re working with security teams to mitigate the issue. https://t.co/WhXJfa5xD4
— Jared Grey (@jaredgrey) April 9, 2023