NFTs marketplace OpenSea has refunded 750 ETH (about $1.95 million) to users who suffered losses due to a vulnerability in the NFT listing feature on the platform, Bloomberg has reported.
On December 31, 2021, the founder of the project pointed out a bug that allows users to buy expensive tokens at reduced prices.
OpenSea has an urgent listing of assets – after the selected time, the tokens are removed from the sale. However, prior to the introduction of this mechanism, NFT delisting was done manually and required an additional gas fee, which in some cases could be quite high.
In order to avoid paying a commission, users found a way out – when transferring a token to a third-party wallet and back to the original one, it ceases to be displayed in the OpenSea interface. But in such a situation, the delisting is not confirmed on the blockchain, so NFTs remain available for purchase through the API used by sites like Rarible.
This allows users to buy back tokens at old prices, much lower than their current value. To address the issue, OpenSea launched a review and unlisting feature, reduced the default listing duration from six to one month, and notified users to delist.