
OpenZeppelin Reveals Top 10 Blockchain Hacking Techniques in 2022

The first and second place bugs involved layer 2 scaling system Optimism and vanity address generator Profanity.

Updated Mar 17, 2023, 3:06 p.m. Published Mar 17, 2023, 3:09 a.m.
(Getty Images)

OpenZeppelin, a crypto cybersecurity company that provides an open-source framework to develop secure smart contracts, on Thursday U.S. time revealed the final results of the top 10 blockchain hacking techniques of 2022, in an effort to make the crypto space safer.

First and second place included a bug on the software node level of layer 2 scaling system Optimism and a vulnerability on the key generation level of vanity address generator Profanity. The Optimism bug, if exploited, causes “an infinite mint” of Optimism’s native token OP that “would collapse many (if not all) Optimism protocols,” while the vulnerability on Profanity put at least $160 million at risk, said Ashiq Amien, one of the six panelists on the project.

All of the hacking techniques were already publicly disclosed in 2022, before the start of the project.

Following Monday’s $200 million exploit of decentralized finance (DeFi) lending protocol Euler Finance, the reveal of the top 10 hacking techniques is meant to highlight the best practices for security measures on various levels of blockchain code, including the smart contract level, key generation level and node level.

The project “helps to push security boundaries forward and strengthen the security of the whole ecosystem by basically accumulating all the research and ideally surfacing underrated research,” said Nikita Stupin, a blockchain security engineer and researcher at OpenZeppelin.

Stupin added in an interview with CoinDesk, “This primarily is for security researchers so that they are up to date with the most novel approaches, the most novel techniques, or the most novel attack vectors so that they can apply them and see them in their audits.”

Additional members of the top 10 list include a bug that allowed exploiters to empty all wrapped token contracts, potentially forcing the wrapped ether (wETH) contract to be insolvent, and a vulnerability on the Avalanche blockchain that was used to break security assumptions of several protocols, including decentralized exchange SushiSwap and lending platform Abracadabra, according to the announcement.

Community members first picked the top 15 hacking techniques that occurred in 2022, while a panel of six blockchain security experts, which included Paradigm’s head of security Samczsun, determined the top 10 from the community list.
