NFT Marketplace OpenSea Launches New Listing Manager After Discount Bug
Yesterday, three attackers bought $1 million worth of NFTs for a fraction of their market value.
Jan 25, 2022 at 10:59 a.m. UTC:format(webp)/cloudfront-us-east-1.images.arcpublishing.com/coindesk/ZNUNWW5KJ5FQRGMIGRLUCA543E.png)
A selection of Bored Apes, one of the best-selling NFT avatar series. (Bored Ape Yacht Club/OpenSea)
Eliza Gkritsi is CoinDesk's crypto mining reporter based in Asia.
Non-fungible tokens (NFT) marketplace OpenSea launched a new listing manager, among other measures, to mitigate a user interface flaw that saw over $1 million worth of NFTs sold at prices far below their market value.
- On Monday, three attackers were able to take advantage of the bug and buy popular NFTs at older, lower prices, and sell them for a massive profit.
- An OpenSea spokesperson told CoinDesk via email that "this is not an exploit or a bug" but rather "an issue that arises because of the nature of the blockchain."
- The marketplace launched a new listing manager early on Tuesday, adding a dashboard that shows all of one user's inactive listings where they can cancel each listing with one click.
- "The fix only handles and solves for new users, as it only fix the facade (web app) and not the vulnerable contract itself," said Tal Be'ery, chief technology officer of crypto wallet ZenGo, told CoinDesk via Twitter. "Old users that re-listed their NFTs on OpenSea in the past are still vulnerable to such attack," whereas new users "simply cannot re-list NFTs without cancelling previous lists explicitly," he added.
- On top of the new dashboard, OpenSea has been reaching out to and reimbursing affected users, the spokesperson said, adding that they have not "communicated broadly about this issue" to avoid bringing it to the attention of bad actors.
- OpenSea also changed its default listing duration from six months to one month, and started notifying users if they have an active higher price listing when they reduce the price for the same item, the marketplace told CoinDesk.
- In the next two days, OpenSea will ship another two features to address the listing issue, the company said. The first feature is that when a user transfers an NFT out of their wallet for which they have an active listing, OpenSea will notify them that the NFT in question is an active listing, giving the users an option to cancel the transfer. The second feature is to email users when they transfer an NFT into a wallet with an active listing for that NFT.
UPDATE (Jan. 25, 19:11 UTC): Adds more details about OpenSea's current and future changes in the last two bullet points.
DISCLOSURE
Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.
:format(webp)/www.coindesk.com/resizer/r4hCNh4zR8o4AxiOYIgV0l2Wigc=/arc-photo-coindesk/arc2-prod/public/QPY362MKDVA77CB4EHZRXW2KZM.jpeg)
Eliza Gkritsi is CoinDesk's crypto mining reporter based in Asia.
Learn more about Consensus 2023, CoinDesk’s longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.
Eliza Gkritsi is CoinDesk's crypto mining reporter based in Asia.
:format(webp)/cloudfront-us-east-1.images.arcpublishing.com/coindesk/DR26OKQPFRCKPCJDK2Q3YZ3Q24.png)
:format(webp)/cloudfront-us-east-1.images.arcpublishing.com/coindesk/PJTR3KRDWJCRVE3QREM6KUOK7A.png)
:format(webp)/cloudfront-us-east-1.images.arcpublishing.com/coindesk/EGK4EW66V5ESLGWEYAQDFGPKZA.jpg)
:format(webp)/cloudfront-us-east-1.images.arcpublishing.com/coindesk/CYCX7LWKRBGI5DCLKHHYJIL52E.jpg)