# Smart Contract的所有文章

在 HTX 新闻中心浏览与「Smart Contract」相关的最新资讯与深度分析。潘盖市场趋势、项目动态、技术进展及监管政策，提供权威的加密行业洞察。

Polymarket Users Cry Foul After $85 Million Bet On MicroStrategy’s Bitcoin Sale Goes Wrong

A dispute involving over $85 million erupted on Polymarket after the prediction market proposed a "No" resolution to the question of whether MicroStrategy (Strategy Inc.) sold Bitcoin by May 31, 2026. The company confirmed selling 32 BTC between May 26-31 in an SEC filing on June 1. Polymarket's proposal argues the public confirmation arrived after the deadline, while "Yes" traders contend the question refers to the sale date, not the announcement date. The outcome is now subject to a binding UMA token-holder vote. The dispute highlights concerns about UMA's oracle mechanism, where voting power is concentrated and conflicts of interest exist. This high-stakes conflict challenges Polymarket's credibility amid regulatory scrutiny.

bitcoinist17小时前

Polymarket Users Cry Foul After $85 Million Bet On MicroStrategy’s Bitcoin Sale Goes Wrong

bitcoinist17小时前

Circle Blacklists Zama Protocol Address, Freezing $12.6M In User Funds – Details

Circle has blacklisted a smart contract address for the Zama protocol's Confidential USDC (cUSDC), freezing approximately $12.6 million in user funds. The action, identified by on-chain investigator ZachXBT, targeted a publicly documented contract on Ethereum. Investigations suggest the frozen funds may be indirectly connected to ongoing controversy and legal issues surrounding Overnight Finance, an asset-management protocol. A wallet linked to Overnight Finance had deposited a large sum into the Zama contract amidst governance disputes and allegations of a possible rug pull. This move by Circle, reportedly made without prior warning to Zama, has reignited criticism over transparency and unilateral enforcement by centralized stablecoin issuers. It highlights concerns about how external legal and governance risks can impact unrelated users in interconnected DeFi systems. Circle has not provided an official explanation for the freeze.

bitcoinist前天 23:32

Circle Blacklists Zama Protocol Address, Freezing $12.6M In User Funds – Details

bitcoinist前天 23:32

CertiK and Lambda256 Partner to Strengthen Blockchain Security in APAC

CertiK, a leading Web3 security services provider, and Lambda256, Dunamu's blockchain technology subsidiary, have signed a strategic Memorandum of Understanding (MOU) to strengthen blockchain security and compliance infrastructure for enterprises and financial institutions in Korea and the APAC region. As a distributor for CertiK's products, including the real-time AML and risk intelligence platform SkyInsights and the AI-powered smart contract pre-audit tool AI Auditor, Lambda256 will integrate its blockchain infrastructure and regional expertise with CertiK's security capabilities. The partnership will initially focus on enterprise deployments in Korea, including consortium blockchains and regulated digital asset use cases, with plans for joint go-to-market activities, events, and thought leadership across APAC. The collaboration aims to provide institutionally-tailored solutions for integrated risk assessment and compliance, helping organizations adopt digital assets with greater security and operational confidence.

TheNewsCrypto05/29 09:41

CertiK and Lambda256 Partner to Strengthen Blockchain Security in APAC

TheNewsCrypto05/29 09:41

OpenSea Launches ERC-8257: A Tool Store for AI Agents, Unlock APIs by Buying an NFT

OpenSea has merged the ERC-8257 standard, an on-chain "Agent Tool Registry" that enables AI Agents to autonomously discover, pay for, and access tools. This standard allows developers to publish tools with programmable access rules (e.g., NFT ownership, subscriptions) and pricing directly on-chain. For example, an AI Agent needing a premium API can buy the required NFT itself and gain access without human intervention, turning NFTs into keys for the agent economy. The system works with complementary standards like ERC-8004 for agent identity and x402 for payments. A live demo shows an NFT appraisal tool offering discounted rates to holders of a specific NFT collection. ERC-8257 aims to decentralize tool distribution and access control, allowing any on-chain asset to grant utility to AI agents. The SDK is available for building on Ethereum and Base.

marsbit05/27 04:26

OpenSea Launches ERC-8257: A Tool Store for AI Agents, Unlock APIs by Buying an NFT

marsbit05/27 04:26

Morse Code "Stole" $440,000 from Bankr, Undermining Trust in AI Agent Interactions Again

On May 20th, the AI agent platform Bankr reported an attack where 14 user wallets were compromised, resulting in losses exceeding $440,000. The incident, confirmed by security firm SlowMist, was a social engineering attack exploiting the trust layer between automated agents, similar to an attack on May 4th that stole $150k-$200k from a Grok-associated wallet. Bankr allows users and AI agents to manage wallets and execute transactions via instructions sent to @bankrbot on X. The platform monitors posts from specific agents like @grok, treating them as potential transaction commands, especially if the agent holds a "Bankr Club Membership" NFT which grants high-permission operations. The attacker exploited this design. First, they airdropped the required NFT to Grok's wallet. Then, they posted a Morse code message on X requesting a translation from Grok. The AI agent helpfully decoded and replied, but the decoded text contained a direct instruction to @bankrbot to transfer a large sum of DRB tokens to the attacker's address. Bankr's system, monitoring Grok's feed and verifying the NFT permissions, automatically signed and broadcast the transaction. The core issue is a flawed trust assumption: Bankr treated Grok's natural language output as authorized financial commands without verifying the intent. LLMs like Grok cannot distinguish between a genuine user request and a manipulated instruction. Using encoded messages like Morse code bypasses potential content filters, as the translation task itself appears harmless. This attack highlights a systemic vulnerability in platforms granting on-chain execution rights to AI agents. While Bankr has paused transactions and promised full reimbursement from its treasury, the incident underscores that defenses against "malicious-injection-via-LLM-output" were not part of the original security model. As AI agents gain financial agency, such trust-layer exploits represent a growing threat class.

marsbit05/20 03:32

Morse Code "Stole" $440,000 from Bankr, Undermining Trust in AI Agent Interactions Again

marsbit05/20 03:32

SLT CargoPay Introduces a New Web3 Infrastructure for Cargo Transportation Payments

SLT CargoPay introduces a new Web3 infrastructure platform specifically designed for cargo transportation payments. As a non-custodial dApp, it enables users to create and manage transportation invoices, organize payment flows, add operational notes, and complete settlements directly on-chain without relying on traditional banking systems. The platform focuses on real-world cargo workflow and settlement management, operating more as an operational layer than a simple payment app. It supports blockchain-based transactions using the gold-linked digital asset GOLDGR and its stable settlement token LUSD. Access is wallet-based, requiring no traditional accounts or KYC for standard use, with transactions finalized through users' own wallets and smart contracts. In addition to core payment functions, SLT CargoPay offers integrated Treasury Program utilities for managing supported digital assets. The platform aims to bring usability, transparency, and dedicated settlement infrastructure to the cargo transportation industry within a unified Web3 environment.

TheNewsCrypto05/19 16:29

SLT CargoPay Introduces a New Web3 Infrastructure for Cargo Transportation Payments

TheNewsCrypto05/19 16:29

A Hair Dryer Blows Away $34,000 from Polymarket

A hairdryer was used to manipulate a temperature sensor at Paris Charles de Gaulle Airport (LFPG) on April 6 and 15, 2026, causing short-lived artificial temperature spikes. These false readings were used to exploit a prediction market on Polymarket, where users bet on Paris’s daily maximum temperature. The attacker targeted low-probability high-temperature outcomes, which settled as "Yes" based on the corrupted data, netting a total of $34,000 in profit. The attacker’s a newly created anonymous account funded just two days before the first incident. After the successful manipulations, the funds were quickly moved through mixers and decentralized exchanges to avoid tracing. French meteorological experts and authorities confirmed the anomalies were inconsistent with actual weather conditions and nearby station data, pointing to physical intervention. Legal action was initiated for "disrupting automated data processing systems," which carries severe penalties under French law. Polymarket’s market rules relied solely on a single, publicly accessible sensor and did not account for subsequent data revisions, making the system vulnerable to such physical oracle attacks. In response, Polymarket silently switched its data source to Paris-Le Bourget Airport (LFPB) without public explanation or refunding the exploited funds. The incident highlights the risks of single-point data dependencies in prediction markets and the low-cost, high-reward potential of real-world manipulation.

marsbit04/23 08:28

A Hair Dryer Blows Away $34,000 from Polymarket

marsbit04/23 08:28

When Wallets Start Embedding AI Agent: The New Interaction Paradigm of ERC-8211, Why Is It Worth Attention?

The article discusses ERC-8211, a new Ethereum standard developed by Biconomy and the Ethereum Foundation, aimed at enabling dynamic, multi-step on-chain execution for AI agents and complex DeFi workflows. Currently, AI agents can plan multi-step operations (e.g., swapping ETH for USDC, bridging, and depositing into a protocol), but execution fails due to static parameters in existing batch processing standards like ERC-4337. These static batches freeze values (e.g., swap amounts) at signing, making them vulnerable to slippage, gas changes, and chain state shifts, often resulting in partial or failed transactions. ERC-8211 introduces a programmatic approach ("From transactions to programs") with three primitives: - **Fetchers**: Retrieve real-time on-chain values (e.g., current balance) during execution. - **Constraints**: Enforce conditions (e.g., minimum output amount) before proceeding. - **Predicates**: Act as gatekeepers between steps (e.g., wait for cross-chain funds to arrive). This allows atomic execution of multi-step transactions with dynamic, condition-based flow, reducing failure risks and idle capital. The standard is compatible with account abstraction (e.g., ERC-4337) and shifts wallets from mere signers to interpreters of intent-based programs, enhancing security and usability for AI-driven DeFi. It represents the next evolution in on-chain interaction, enabling one signature to execute a dynamic, outcome-oriented program.

marsbit04/20 10:21

When Wallets Start Embedding AI Agent: The New Interaction Paradigm of ERC-8211, Why Is It Worth Attention?

marsbit04/20 10:21

Yuga Labs settles with Ryder Ripps, secures sweeping ban on RR/BAYC NFTs

Yuga Labs has settled its lawsuit against artists Ryder Ripps and Jeremy Cahen, ending a long-running legal dispute over their RR/BAYC NFT collection which used Bored Ape Yacht Club trademarks. The settlement includes a permanent injunction prohibiting the defendants from using any BAYC-related branding across NFTs, digital platforms, or physical products. They must transfer all remaining RR/BAYC NFTs, domain names, and assets to Yuga Labs, and cease all minting, sales, and promotion of the collection. The agreement effectively shuts down the RR/BAYC project and reinforces the enforcement of intellectual property rights in the NFT space, even for collections presented as satire or critique.

ambcrypto04/08 20:57

Yuga Labs settles with Ryder Ripps, secures sweeping ban on RR/BAYC NFTs

ambcrypto04/08 20:57

When AI Solves Security, Will DeFi Return to Its Golden Age?

The article discusses how AI is revolutionizing DeFi security, potentially ushering in a new era of innovation reminiscent of the 2020 DeFi Summer. Previously, high security costs and lengthy audit processes stifled experimentation, as developers avoided unproven ideas due to financial and time constraints. However, AI tools like Nemesis are now drastically reducing these barriers by efficiently detecting complex vulnerabilities, such as reentrancy and economic attacks, with deep contextual understanding and low false positives. These tools, combined with platforms like Battlechain, enable a streamlined workflow: code is written, AI-audited within minutes, deployed on a test chain for real-world attack simulations, and quickly refined. This process compresses development cycles from months to hours at minimal cost. Future advancements may include wallet-integrated AI audits, allowing users to scan contracts in real-time before signing transactions. AI is set to transform DeFi security across development, chain, and user layers, reopening the door to rapid experimentation and innovation. This shift could empower individual developers to create groundbreaking protocols quickly and safely, much like the early pioneers of DeFi.

marsbit04/03 10:14

When AI Solves Security, Will DeFi Return to Its Golden Age?