OpenSea is one of the biggest exchanges for buying and selling NFTs.  In January 2022, a misunderstanding about how OpenSea lists NFTs led to a vulnerability that permitted attackers to buy “delisted” NFTs for old prices.  An attacker exploited this vulnerability to buy NFTs at massively discounted prices and sell at current listing prices.

Inside the Attack

OpenSea is a DApp (a decentralized application), which means that it has a frontend website that users interact with and a smart contract in the backend that performs actions on the blockchain.  A logic bug between this frontend and backend created a mismatch that allowed NFTs that their owners thought that they had delisted on OpenSea to be sold for much lower than their current value.

In the OpenSea frontend, an owner of an NFT could use OpenSea’s transfer function to send their NFT to a secondary wallet and back again.  This would cause the NFT to no longer be listed for sale on the website.

This approach is designed to save Ethereum gas fees for delisting, and it didn’t propagate to the smart contract backend.  As a result, previous listings of the NFT in the blockchain backend are still active.

The attacker took advantage of this and the fact that many of the NFTs in question had appreciated in value significantly since these older listings were active.  The attacker bought the NFTs at their old listed value and then sold the NFTs for current values, making as much as $200,000 in ETH for the sale of one Bored Ape NFT.  These proceeds were then sent to a money mixer to make them untraceable and the attacker disappeared.

After the attack was discovered, @sum1eth developed a cryptocurrency bot that identified attempted exploits and frontrun the transactions.  By sending identical transactions with higher gas prices, the bot was able to purchase the vulnerable NFTs before the attacker could.  After saving an NFT, @sum1eth advertised on Twitter to contact the owner and return their NFT.

Lessons Learned From the Attack

This vulnerability demonstrated the importance of performing a holistic security audit on DApps.  While many security assessments focus on smart contracts, the web frontend and the interactions between the two are equally important.

Rob Behnke