The Living Force
Not exactly. Normally in situations like this, the contracts contain a bug that allows for 'legitimate' transactions to be executed in such a way that supposedly secure funds can be accessed and moved. Normally all high-profile blockchain projects have their contracts audited, but even a security audit can miss flaws in a badly-designed application, especially if the application depends on multiple contracts. This problem can also occur due to developers looking to rush 'gimmicky' products to market to secure a niche, instead of taking the time to audit first and launch after the appropriate due diligence.It says a vulnerability was found between contract calls - so when numbers are flying through space, from one account to another, they can set up a 'siphon' of sorts, to intercept that and store it in a different account? Am I understanding this correctly?