- A vulnerability in the NBA The Association Collection Smart Contract allowed users to exploit the drop and unfairly mint the tokens ending it in 60 minutes.
- The NFT collection consisted of 18 thousand non-fungible tokens that would be distributed for free and each token is the representation of a player in the 2022 playoffs.
With the constant growth of digital assets and products related to them, it is normal that many people, companies, sports teams, musicians and others want to jump on the bandwagon and innovate in this technology.
However, not everything can go smoothly, as the National Basketball Association (NBA) has understood, since it recently announced that your plan to deliver 18 thousand non-fungible tokens free to basketball fans, it just presented a glitch.
Smart contract violated
The league decided to launch a new collection of non-fungible tokens on the market on April 20, which is called “Association“which was intended to provide exclusive NFTs to the first members of the NBA Discord server.
However, things did not go as expected, as the launch had a series of security vulnerabilities in its smart contract, which caused users to exploit the crash, unfairly minting the tokens and they will literally clean the collection in almost 60 minutes.
The NBA rrecognized the error and indicated that he will work to find a solution to the problem, in addition to pointing out that will increase the number of tokens in the collection, going from the initial 18,000 to 30,000 to ensure that every fan in the league who should have received an NFT gets it.
What happened?
Basically what happened in this flaw is that each token would initially be destined for each of the first members of the NBA Discord server, launched last Friday. These members were given access to a “white list” where one complimentary NFT could be reserved for each registered Ethereum wallet on the list.
However, the NBA did not expect any errors to occur within the smart contract. A reasonably simple exploit allowed users registered on the list to give access to other wallets that were not registered in it and that was the beginning of the chaos.
It should be said that, among the failures, is the fact that the smart contract did not perform a timely monitoring of the number of mints that were made by wallet.
“If a contract were made, if he wanted to, he could mint the entire collection by way of a single transaction.”, he wrote about it on his official Twitter account, CaptainDefia user who provided an overview of the flaw.
As noted above, flaws in the smart contract allowed for a lack of control in the number of users allowed to get an NFT, so cases were reported in which some users minted as many NFTs as they wanted, even getting more than 100 tokens, which were later sold in the secondary trading market of NFT OpenSea for more than 0.30 ETH, that is, around a thousand dollars at that time.
The Association NBA NFT Collection
This collection of NBA NFTs, each token is the representation of a player in the playoffs of this 2022Thus, there are 75 non-fungible tokens for each player that make up the 16 different existing teams, thus giving a total of 18 thousand NFT.
Likewise, it is important to point out that these NFTs have the particularity of being “dynamic”, so they will undergo changes in the future, such as an increase or decrease in value, since they are closely linked to the real-life performance of the player they represent. .
You might be interested in: