Sirk

🆕 GoPlus GoPredict Plugin Update Prediction markets are growing fast — but two long-standing issues remain: 1️⃣ Outcomes can be manipulated Some markets rely on announcements from a single entity, making risks hard to identify in advance. 2️⃣ Rules are complex and misleading Settlement rules can be long, vague, or hide key conditions. 👉To address this, GoPredict introduces three new features: 🔴 Manipulation Risk Analysis Detects whether a market outcome could be controlled by a single entity. 📜 Rule Risk Alerts AI scans market rules to surface hidden clauses, subjective definitions, and unusual settlement conditions. 💡 Plain-Language Tag Explanations Complex indicators like liquidity and market imbalance are translated into simple explanations. GoPredict is bringing to prediction markets: - More transparent rules. - Clearer risks. - Safer decisions. Install the #GoPlus plugin and try GoPredict 👇 chromewebstore.google.com/search/GoPlus

1/ ⚠️ Vulnerability Analysis: Suspicious $50.4M Loss Case A user swapped 50.4M USDT for AAVE on #AAVE, but only received 327 AAVE (~$35.9K), resulting in a loss of about $50.3M. The root cause lies in how the transaction was settled. At the protocol level, @aave executed settlement through the settle function in the CoWSwap Protocol GPv2Settlement contract. During the process: The smart contract first swapped 50.4M USDT → 17,957 WETH Then swapped WETH → AAVE However, during the second swap, the SLP (SushiSwap LP) WETH/AAVE pool used had extremely low liquidity, containing only 17.65 WETH + 331.63 AAVE. As a result, the victim’s 17,957 WETH could only be exchanged for ~331 AAVE. Security Issues: • The CoW Protocol settle mechanism claims to choose the optimal on-chain route, but in this case it clearly did not. Instead, it routed the trade through a pool with severely insufficient liquidity, exposing clear business logic flaws and potential manipulation risks. • Even more suspicious: this SLP pool was deployed by AAVE itself more than 5 years ago, and the liquidity source traces back to Tornado Cash. • The AAVE frontend also lacked adequate safety protections in this scenario. Trades that could lead to over 90% loss should be automatically rejected, rather than showing a vague warning prompt. In reality, even a 50% loss would be unacceptable in most situations. Platforms should block such trades outright or require manual approval through a support process.