MakerDAO Critical Vulnerability Notice

Zeppelin
Zeppelin
May 6, 2019 · 1 min read
Image for post
Image for post

While working on an audit for the Coinbase team, we found a critical vulnerability in one of the DappHub library contracts. This affects the MakerDAO system currently in production.

We privately disclosed the vulnerability to the MakerDAO team, and we have been working together in the past few days on a code fix and a mitigation plan.

After reviewing the amended contract, we can confirm that the vulnerability has now been fixed. The security of the MKR token contract is not affected by our findings.

If you are a user of MakerDAO, head to their reddit post to understand if you need to take action.

We will provide a detailed technical analysis of the vulnerability and fix once the mitigation plan has come to an end.

Zeppelin Blog

Growing and protecting the core infrastructure of an open…

Zeppelin

Written by

Zeppelin

We build software to grow and protect the core infrastructure of an open, global economy, powered by blockchain technologies.

Zeppelin Blog

Growing and protecting the core infrastructure of an open, global economy, powered by blockchain technologies.

Zeppelin

Written by

Zeppelin

We build software to grow and protect the core infrastructure of an open, global economy, powered by blockchain technologies.

Zeppelin Blog

Growing and protecting the core infrastructure of an open, global economy, powered by blockchain technologies.

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store