Major Setback: Smart Contract Exploit Results in Over 200 Ethscriptions Being Nabbed

Hassan Shittu
Last updated: | 2 min read
Source: Shutterstock

According to its creator, a new protocol allowing the creation and sharing of digital objects on Ethereum has experienced a significant setback due to a major hack in its main marketplace.

Ethscriptions, a novel method to create Ethereum assets launched last month by Tom Lehman, co-founder and former CEO of Genius.com, utilizes transaction “calldata” to write non-financial data to the blockchain network. 

“About 123 individual addresses lost about 202 Ethscriptions in this exploit,” Lehman said. “Any young protocol will have bumpy landings, but this is not what I meant.”

Lehman took responsibility for the failure, attributing the exploit to a smart contract developed by himself and Michael Hirsch, co-founder of Indelible Labs. 

The flaw originated in a code snippet that enabled the unauthorized withdrawal of Ethscriptions from the marketplace.

While the Ethscriptions protocol and other related applications remain uncompromised, many listings on Ethscriptions.com were reported stolen, according to Lehman’s tweet on Friday.

The exact extent of the value lost due to the exploit remains uncertain; however, recent data from NFT marketplace OpenSea reveals that certain Ethscriptions have been sold for as much as 5 Ethereum, approximately equivalent to $9,600, over the past month, highlighting the significant impact.

Lehman’s Response to Ethscriptions Marketplace Hack

Lehman raised awareness about the exploit on July 14, and a notice regarding the affected state of the marketplace continues to be displayed on Ethscriptions.com. 

The website includes a warning advising users to withdraw their Ethscriptions and avoid creating new listings due to the ongoing issue with the marketplace contract.

Lehman expressed his dismay over the Ethscriptions loss, describing it as “terrible,” with a specific emphasis on the theft of Ethscription #56, which he considered “brutal” due to its rarity among earlier artifacts. 

Additionally, the exploit carries an added sting as it was intended to serve as a guiding example for other marketplaces seeking to incorporate Ethscriptions support.

“The purpose of the marketplace was basically to help show other people how to create marketplaces and help build an ecosystem,” he said. “Unfortunately, we fell on our faces in that area.”

Revamping the Ethscriptions Marketplace: Lehman’s Plans for Relaunch and Communication with Affected Users

Regarding this new protocol, Lehman acknowledged the challenge of balancing cost-saving measures by limiting smart contract storage usage while strategically managing contracts, particularly in marketplace scenarios. 

“This process has also completely changed my perspective on how marketplaces can implement the protocol and I think it will lead to a much healthier ecosystem long-term.”

He emphasized the need to devise methods to provide smart contracts with the necessary information or ensure they operate independently from such requirements.

Lehman announced plans to relaunch the Ethscriptions.com marketplace once the necessary protocol adjustments have been implemented. 

He has been actively communicating with those affected by the exploit and has admired them as the “earliest adopters” of the Ethscriptions protocol on Twitter.