A novel Ethereum protocol that allows users to create digital objects called “Ethscriptions” has been hit by a major security exploit, according to its creator.
Ethscriptions, launched last month by Tom Lehman, co-founder of Genius.com, lets users create Ethereum assets that leverage “calldata” to store non-financial data on the blockchain.
123 Addresses Lost 202 Ethscriptions
Lehman said that while the Ethscriptions protocol itself was not impacted, the main Ethscriptions.com marketplace suffered a hack that resulted in over 200 Ethscriptions being stolen from 123 user addresses.
The exact monetary value of the theft is unclear, but some Ethscriptions have sold for as much as 5 ETH on OpenSea in recent weeks, equivalent to around $9,600.
Major Sting for Early Adopters
Lehman expressed his disappointment at the theft, lamenting in particular the loss of Ethscription #56 which he described as “ruthless” due to the rarity of earlier Ethscriptions.
He praised the victims as “the earliest adopters” of the protocol but acknowledged responsibility for the failure due to a code snippet in the marketplace’s smart contract that allowed unauthorized withdrawals.
Marketplace to be Relaunched
Once necessary fixes are implemented in the protocol, Lehman plans to relaunch the Ethscriptions.com marketplace.
Ethscriptions differ from traditional NFTs in that they store data at the transaction level rather than being issued as tokens via smart contracts. Over 474,000 Ethscriptions have been created so far.
In summary, while the concept behind Ethscriptions is novel and interesting, this major security exploit highlights the risks and challenges of experimenting with new blockchain protocols and smart contract applications. Early adopters bore the brunt of this failure, with over 200 Ethscriptions stolen due to a vulnerability in the marketplace’s smart contract. Going forward, Lehman plans on relaunching the marketplace once fixes are implemented.
This article is based on the original news published on Decrypt.