shield Business Logic Flaw

ARK Exploit: Business Logic Flaw Incident Explained (2024)

Q: When did the ARK hack happen?

The ARK exploit was recorded on March 24, 2024 — 751 days ago.

Q: What type of exploit hit ARK?

The ARK incident is classified as a Business Logic Flaw. A business-logic bug in the contract — such as an incorrect formula or missing state update — lets the attacker withdraw more than their share.

Q: How common is the Business Logic Flaw pattern seen at ARK?

Our archive contains 144 documented business logic flaw incidents. The ARK incident is one of them.

Q: How does ARK compare to the largest Business Logic Flaw attack?

The largest business logic flaw incident in our archive is - EulerFinance (2023) at $200M. The ARK loss was not publicly disclosed.

On March 2024, ARK suffered a business logic flaw — the first of 144 documented business logic flaw incidents in our archive where the loss figure was not publicly disclosed but the exploit pattern is documented below.

Attack Mechanics: How the ARK Business Logic Flaw Played Out

Exploit Class Applied to ARK

The ARK incident on March 24, 2024 is classified as a Business Logic Flaw. A business-logic bug in the contract — such as an incorrect formula or missing state update — lets the attacker withdraw more than their share. In the full archive, ARK is 1 of 144 documented business logic flaw incidents.

ARK in Context

The ARK incident joins a class whose largest loss to date is – EulerFinance (2023) at $200M.

Prior Business Logic Flaw Before ARK

The nearest business logic flaw incident before ARK was MO, 10 days earlier on March 14, 2024 ($413K lost). The same exploit class surfaced again within the business logic flaw attack surface.

Impact & Recovery for ARK

ARK Loss Figure

The loss figure for ARK is not publicly disclosed. The primary source reports the exploit in non-USD terms, so no USD estimate is published here. For reference, the average loss across 144 business logic flaw incidents in our archive is $6.08M.

Timeline Since the ARK Incident

The ARK exploit occurred 2.1 years ago (751 days). The contract, its fork-block, and the attack transaction remain on-chain and forensically reproducible.

Primary Reference for ARK

Public post-mortem / on-chain analysis for the ARK incident: view source. Secondary narrative coverage: Co-owner of shuttered Polish crypto exchange Bitmarket found dead.

FAQ

How much did ARK lose?

The ARK loss figure is not publicly disclosed. The primary source reports the exploit in non-USD token terms, so no USD estimate is published here.

When did the ARK hack happen?

The ARK exploit was recorded on March 24, 2024 — 751 days ago.

What type of exploit hit ARK?

The ARK incident is classified as a Business Logic Flaw. A business-logic bug in the contract — such as an incorrect formula or missing state update — lets the attacker withdraw more than their share.

How common is the Business Logic Flaw pattern seen at ARK?

Our archive contains 144 documented business logic flaw incidents. The ARK incident is one of them.

How does ARK compare to the largest Business Logic Flaw attack?

The largest business logic flaw incident in our archive is – EulerFinance (2023) at $200M. The ARK loss was not publicly disclosed.

What is the primary goal of integrating GNNs into financial anti-fraud efforts?

To improve the accuracy and reliability of fraud detection by analyzing complex relationships in transaction data.

What challenge does the protocol aim to address in cross-chain transactions?

The need for a secure, privacy-preserving, and offline-tolerant multi-party transaction protocol.