Fireblocks, UniPass wallet tackle Ethereum ERC-4337 account abstraction vulnerability
Fireblocks assists smart contract wallet UniPass to address ERC-4337 account abstraction vulnerability. Cryptocurrency infrastructure firm Fireblocks has identified and assisted in tackling what it describes as the first account abstraction vulnerability within the Ethereum ecosystem. An announcement on Oct. 26 unpacked the discovery of an ERC-4337 account abstraction vulnerability in the smart contract wallet UniPass. The two firms worked together to address the vulnerability, which was reportedly found in hundreds of mainnet wallets during a ‘whitehat’ hacking operation. According to Fireblocks, the vulnerability would allow a potential attacker to carry out a full account takeover of UniPass wallet by manipulating Ethereum's account abstraction process. As per Ethereum’s developer documentation on ERC-4337, account abstraction allows for a shift in the way transactions and smart contracts are processed by the blockchain to provide flexibility and efficiency. Related: Account a...