Stars Arena faces vulnerability that can potentially let users drain funds

Photo of author

By BitcoinWiki News

Key Takeaways:

– Avalanche-based social protocol Stars Arena faced a critical vulnerability that could allow unauthorized access to drain Avax coins from its smart contract.
– The vulnerability posed a risk to over $1 million worth of funds locked in the smart contract.
– The issue stemmed from a faulty getPrice() function that enabled hackers to transfer small amounts of funds to their wallets.
– The vulnerability was initially noted by an analyst named lilitch.eth and later confirmed by The Block Research.
– The high transaction fees on the network acted as a deterrent for malicious hackers, making it unprofitable to attempt extracting funds from the protocol.
– Stars Arena, a monetized social media app, saw a surge in on-chain transactions on the Avalanche network after its launch in September.
– The protocol allowed users to connect their Twitter accounts and trade profile tokens using Avalanche’s native currency, AVAX.
– Additional information has been provided in the updated version of the story.


A vulnerability in the Stars Arena social protocol, built on Avalanche, allowed hackers to drain Avax coins from the project’s smart contract. The vulnerability was related to a faulty getPrice() function, which allowed hackers to transfer small amounts of funds to their wallets. However, the high transaction fees on the network made it unprofitable for hackers to exploit the vulnerability. Despite this, Stars Arena gained significant traction within two weeks of its launch, with a TVL surpassing $1 million. The protocol allows users to connect their Twitter accounts and trade profile tokens using AVAX. Stars Arena has since addressed and resolved the vulnerability.

This is sponsored by: Learn Bitcoin Option

Leave a Comment