Futures
Access hundreds of perpetual contracts
TradFi
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
Launchpad
Be early to the next big token project
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
More
Fusion Ecosystem DeFi Project Under Attack: Smart Contract Vulnerability Leads to Fund Theft
【BitPush】Another incident of an smart contract vulnerability. The security team detected suspicious activity within the Fusion ecosystem—the issue is related to the basic contract, and the project’s EOA account controlled through EIP-7702 technology has a defense loophole. What does this mean? It means this vulnerability opens the door to arbitrary external calls, giving attackers an opportunity. They took advantage of this to deploy malicious circuit breaker contracts for PlasmaVault, directly draining funds from the treasury. This type of DeFi security incident reminds us that even emerging account abstraction schemes require repeated audits, as small detail vulnerabilities can quickly become gaps leading to fund loss.
---
PlasmaVault was drained directly... That's the feeling in leveraged trading where a small detail vulnerability can trigger the entire position.
---
Account abstraction solutions are promising, but risk control thresholds are essentially useless... In the end, it still relies on repeated audits to save the day.
---
Fusion took a big hit this time; it was drained before the liquidation price could even react. This is what you call a real systemic black swan.
---
It's always like this... New technology, new ecosystems, new vulnerabilities, new explosions. When the health factor hits rock bottom, it's time to accept fate.
---
What does it mean if the EOA defense line is broken? It means putting all funds on the table for anyone to slaughter. I wonder who will still dare to play in the Fusion ecosystem.
---
PlasmaVault was exploited so quickly, it's unbelievable.
---
I always say that new account abstraction schemes must be approached with caution, but it still ended in a failure.
---
Contract audits really can't be skipped; a small detail bug can lead to huge losses.
---
After this wave of Fusion ecosystem development, how much will it cost to compensate... DeFi is still too risky.
---
Not checking the news for a day, and another project gets hacked. I can't keep up with this pace.
---
The door to arbitrary external calls? This vulnerability is pretty much a dead end, and the attacker just walks away.
---
New technology still needs to be reviewed multiple times; don't rush to deploy everything all at once.
---
Another smart contract vulnerability, my mental state has been worn down.
---
I just want to know how much was lost this time, and whether it will affect the entire Fusion ecosystem.
---
The account abstraction stuff feels like it's not ready yet but being rushed, sooner or later you'll suffer
---
PlasmaVault is directly a loss this time; the treasury was drained, which is really not good
---
Where is the promised repeated audits? It still failed at the basic contract, this is awkward
---
DeFi is always high yield and high risk, looks like I need to be more cautious
---
That circuit breaker contract trick is also incredible; technology is indeed a double-edged sword
---
It's always like this, new technology comes out and is exposed to have vulnerabilities within days, when will it finally settle down
---
Whose responsibility is it this time? The project team or the security team didn't do their best
---
Account abstraction solutions sound advanced, but it turns out the basic contracts are still not well implemented, hilarious
---
PlasmaVault was directly drained, which is why I never touch new projects that haven't undergone multiple audits
---
Feels like there are new vulnerabilities every week now, can this ecosystem still be played?
---
Vulnerabilities in the defense line leading to arbitrary calls, it's outrageous that such basic errors can occur
---
I knew it, funds on the chain are never that safe, in the end, it still depends on whether the code audit is reliable or not
---
The circuit breaker contract was drained immediately after deployment, this operation is a textbook-level attack path