Protect Your Project Today
Strengthen your project with the largest web3 security provider.
A CertiK security expert will review your request and follow up shortly.

Slippery Rug: The Uncontrolled Launch of Smashcash

Reports ·Incident Analysis ·
Slippery Rug: The Uncontrolled Launch of Smashcash

Project name: Smashcash

Project type: Token

Date of exploit: Feb 13, 2023

Asset loss: ~45.6 BNB

Vulnerability: Initial Token Distribution

Date of audit report publishing: Dec 30, 2021

Conclusion: In Scope

Details of the Exploit

Background

Smashcash is an ERC-20 token contract deployed on Binance Smart Chain.

Nature of the Vulnerability

  • While the token contract deployment, the Smashcash distributed the token as follows:

Screenshot 2024-01-08 at 5.40.31 AM Screenshot 2024-01-08 at 5.40.55 AM

CertiK Audit Overview

Screenshot 2024-01-08 at 5.44.01 AM

Conclusion

On Feb 13, 2023, Smashcash was reported with a potential rug pull implanted within the initial token distribution, where the wallets that received the initial distribution sold the tokens for ~45.6 BNB. The vulnerability is related to the initial token distribution that the project controlled most of the tokens and can be sold without restriction.

References

Deployment address: 0x3d0e93bfcb8fb46331ea8c98b6ab8c575ab424c3

Related Blogs

Evil in the Shadows: Unveiling the Chaos in Ethereum’s Token Ecosystem
Reports ·Industry Research

Evil in the Shadows: Unveiling the Chaos in Ethereum’s Token Ecosystem

In the Web3 space, new tokens are constantly emerging. Have you ever wondered how many new tokens are issued each day? And more importantly, are these new tokens safe? Over the past few months, CertiK's security team has identified numerous cases of rug pull transactions. Notably, all of the tokens involved in these cases were newly listed on the blockchain.

Unmasking Crypto Market Manipulation: Wash Trading, Spoofing, and More
Technical Blogs ·Educational

Unmasking Crypto Market Manipulation: Wash Trading, Spoofing, and More

Much like traditional financial markets, crypto markets are not immune to manipulation. Many of the same practices that plague stocks and commodities — like wash trading, spreading fear, and pump and dump schemes — also exist in the crypto space. In this blog, we’ll explore some of the most common manipulation tactics in the crypto markets and discuss how these practices impact the industry as a whole.

Risk On Blast Incident Analysis
Reports ·Incident Analysis

Risk On Blast Incident Analysis

On 24 February, GambleFi project RiskOnBlast is thought to have become the first confirmed exit scam to occur on the Blast ecosystem, a layer-2 project on Ethereum.