Non-fungible tokens (NFTs) marketplace OpenSea launched a new listing manager, among other measures, to mitigate a user interface flaw that saw over $1 million worth of NFTs sold at prices far below their market value.
- On Monday, three attackers were able to take advantage of the bug and buy popular NFTs at older, lower prices, and sell them on for a massive profit.
- An OpenSea spokesperson told CoinDesk via email that “this is not an exploit or a bug” but rather “an issue that arises because of the nature of the blockchain.”
- The marketplace launched a new listing manager early on Tuesday, adding a dashboard that shows all of one user’s inactive listings where they can cancel each listing with one click.
- “The fix only handles and solves for new users, as it only fix the facade (web app) and not the vulnerable contract itself,” said Tal Be’ery, chief technology officer of crypto wallet ZenGo, told CoinDesk via Twitter. “Old users that re-listed their NFTs on OpenSea in the past are still vulnerable to such attack,” whereas new users “simply cannot re-list NFTs without cancelling previous lists explicitly,” he added.
- On top of the new dashboard, OpenSea has been reaching out to and reimbursing affected users, the spokesperson said, adding that they have not “communicated broadly about this issue” to avoid bringing it to the attention of bad actors.
Read more: OpenSea Bug Allows Attackers to Get Massive Discount on Popular NFTs