Several cryptocurrency developers have discovered a flaw in the smart contract code of Societe Generale’s (SG) euro stablecoin EURCV.
On April 20, SG said EURCV will be limited to investors who have joined through the Societe Generale Group’s existing compliance procedures.
Developer highlights flaw
Software Engineer Cygaar discovered That the bank can take and burn all the user’s money through certain functions of the smart contract.
Cygaar added, “SG was much better off using Onyx (JPM’s internal system) or some internal database because they are looking for a centralized payment layer.” I was.
Another developer, 0xfoobar I got it With this code, individual ETH transactions must first be approved by the Central Registrar before any ERC20 transfers can be processed.
A pseudonymous smart contract engineer alephv.eth also highlighted this issue.engineer Added:
“They coded it so that it has to whitelist all users, handle all user transfers, and even handle ERC20 authorization before handling ‘transferFrom’ lmao .”
This significantly slows down stablecoin transaction speeds and complicates the whole process.
Origin Protocol developer Scott Mitchell Added From an economic point of view, this does not work with Ethereum. Mitchell said:
“Validating transactions in batches and waiting for gas to run out is too costly at scale.”
Blockend Engineer at Cyfrin Audits Patrick Collins Said:
“The worst part is they didn’t use custom errors. Gas inefficient reverts!”
Cryptocurrency investor Mason Versruis Said He added that the code was “absolutely horrible” and that banks should keep “centralized bull**t” away from crypto.
A post by a crypto developer exposing an “absolutely horrible” flaw in the Societe Generale Euro stablecoin first appeared on CryptoSlate.