OpenSea is Reimbursing Users After Loophole Led to Steep NFT Losses
An OpenSea spokesperson told Blockworks the company has been “actively reaching and reimbursing affected users”
BORED APE YACHT CLUB NFTS OWNED BY APE DAO VIA ROLLINGSTONE
- The company said it’s working on improvements to mitigate risk, such as a new dashboard for its marketplace
- An OpenSea bug destroyed 42 NFTs last year
OpenSea is reimbursing users who had their non-fungible tokens snatched up and resold for far below market value on Monday.
An OpenSea spokesperson told Blockworks in a statement that the company has been “actively reaching and reimbursing affected users,” and is taking the matter “incredibly seriously.” The spokesperson did not immediately specify exactly how much users have been reimbursed.
The company said it’s been quiet on the issue to avoid notifying “bad actors who could abuse it at scale” before patching the problem. It’s working on product improvements, including a new dashboard that shows all active listings, to address the issue.
At least three opportunists exploited the OpenSea loophole Monday, making away with over $1 million worth of ether in ensuing NFT sales, according to blockchain analytics firm Elliptic. One user, who goes by “jpegdegenlove” online, paid roughly $133,000 for seven NFTs, before flipping the digital collectibles on OpenSea for $934,000 of ether.
“The exploit appears to originate from the ability to re-list an NFT at a new price, without canceling the previous listing,” Elliptic said in a report. “Those previous listings are now being used to purchase NFTs at prices specified at some point in the past — which is often well below current market prices.”
The loophole, according to the company, was not an exploit or a bug, but rather a UI issue that arises when a user creates a listing, then transfers the NFT to a different wallet — typically to avoid the gas fee that comes with nixing a listing.
Additionally, the platform is changing the default listing duration for NFTs from six months to one month, so that if an NFT is transferred back into a wallet after the new time frame the listing will have expired.
OpenSea reportedly had a bug in its marketplace that destroyed 42 NFTs last year, but was fixed within a day.
Get the news in your inbox. Explore Blockworks newsletters:
- The Breakdown: Decoding crypto and the markets. Daily.
- 0xResearch: Alpha in your inbox. Think like an analyst.
