{"id":28319,"date":"2020-09-07T18:24:44","date_gmt":"2020-09-07T15:24:44","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=28319"},"modified":"2025-08-27T11:04:10","modified_gmt":"2025-08-27T08:04:10","slug":"developer-finds-another-vulnerability-in-sushiswap-protocol","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/developer-finds-another-vulnerability-in-sushiswap-protocol\/","title":{"rendered":"Developer finds another vulnerability in SushiSwap protocol"},"content":{"rendered":"

A vulnerability in the governance of the DeFi platform SushiSwap has been discovered that preserves the voting right for token holders even after transfer. Developer Chong Sok Park wrote<\/a> about the double-spending bug in his blog.<\/p>\n

The governance mechanism of SushiSwap allows token holders to transfer voting power. Transferring assets from a wallet should reset the delegation parameters, but due to the bug the user retains the governance power.<\/p>\n

\"\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a<\/p>\n

As explained by Park, the double-spending bug allows a user to extend voting power through delegation transactions. The developer sees a fix in adding the code “moveDelegates” to the SushiSwap smart contract when transferring tokens.<\/p>\n

\"\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a<\/p>\n

In a comment to Cointelegraph, the CEO of FTX, Sam Bankman-Fried confirmed<\/a> the existence of the vulnerability. According to him, it does not pose a real threat to SushiSwap \u2014 the governance mechanism has not yet been activated.<\/p>\n

Earlier, experts found<\/a> ten vulnerabilities in SushiSwap. One of them allows re-adding a liquidity provider token, while another could lead to transferring funds to any address.<\/p>\n

Earlier, the anonymous creator of SushiSwap “Chef Nomi” sold<\/a> half of the funds from the platform\u2019s development fund. This spurred the SUSHI price from $11 to $2.35.<\/p>\n

As of writing, the asset is trading<\/a> at around $2.70.<\/p>\n

Subscribe to ForkLog news on Telegram: ForkLog FEED<\/a> \u2014 the full feed of news, ForkLog<\/a> \u2014 the most important news and polls.<\/p>\n","protected":false},"excerpt":{"rendered":"

A vulnerability in the governance of the DeFi platform SushiSwap has been discovered that preserves voting power for token holders even after transfer. Developer Chong Sok Park wrote about the double-spending bug in his blog.<\/p>\n","protected":false},"author":1,"featured_media":28320,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1301,1093,1379],"class_list":["post-28319","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-blockchain-vulnerabilities","tag-defi","tag-sushiswap"],"aioseo_notices":[],"amp_enabled":true,"views":"19","promo_type":"1","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/28319","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=28319"}],"version-history":[{"count":1,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/28319\/revisions"}],"predecessor-version":[{"id":28321,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/28319\/revisions\/28321"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/28320"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=28319"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=28319"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=28319"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}