Login
Sign Up
Woofun AI reports that Lumi Finance on Arbitrum experienced a security breach on July 13, resulting in losses of approximately $270,000. The exploit stemmed from a logic error within the Sodium smart account contract's validateUserOp function during ERC-4337 signature validation. When ECDSA.tryRecover failed to verify the signature, the system did not revert but instead executed the isValidSignature function in the attacker's contract, allowing unauthorized access.