Skip to main content
Security

UXLINK Multi-Signature Wallet Exploited via Delegate Call Vulnerability

A delegate call vulnerability in UXLINK's multi-signature wallet granted administrative control, enabling unauthorized token minting and significant asset draining.
September 26, 20253 min

A sophisticated, silver-toned modular device, featuring a prominent circular interface with a blue accent and various rectangular inputs, is dynamically positioned amidst a flowing, translucent blue material. The device's sleek, futuristic design suggests advanced technological capabilities, with the blue element appearing to interact with its structure
A close-up view presents a futuristic, metallic hardware device, partially adorned with granular frost, held by a white, textured glove. The device's open face reveals an intricate arrangement of faceted blue and silver geometric forms nestled within its internal structure

Briefing

A critical delegate call vulnerability within the UXLINK multi-signature wallet led to a severe security incident on September 22-23, 2025, granting an unauthorized actor administrative privileges. This compromise allowed the attacker to mint approximately 10 trillion unbacked CRUXLINK tokens on the Arbitrum blockchain, subsequently liquidating a portion for ETH, USDC, and other assets, which caused a significant liquidity drain and a 70% price crash for the token. The primary consequence for UXLINK users was the immediate devaluation of their holdings and the loss of trust in the protocol’s security posture, with the attacker converting at least $6.8 million in ETH to DAI.

A clear sphere encases a white sphere marked with a dark line, positioned before a vibrant, geometric blue structure. This visual composition symbolizes the secure encapsulation of digital assets and protocols within the blockchain ecosystem

Context

Prior to this incident, the prevailing attack surface for many DeFi protocols often included complex smart contract interactions and the security of multi-signature schemes. The inherent composability of decentralized finance, while innovative, introduces a heightened risk where a vulnerability in one component, such as a delegatecall function, can cascade into systemic compromise. Unaudited or improperly configured multi-signature wallets, designed for enhanced security, paradoxically become single points of failure when their underlying logic is flawed.

A sophisticated, multi-component device showcases transparent blue panels revealing complex internal mechanisms and a prominent silver control button. The modular design features stacked elements, suggesting specialized functionality and robust construction

Analysis

The incident’s technical mechanics centered on a delegatecall vulnerability within UXLINK’s multi-signature wallet, which was the specific system compromised. This flaw permitted the attacker to execute arbitrary code with the privileges of the multi-signature wallet, effectively bypassing intended access controls and gaining administrator-level access. From the attacker’s perspective, this chain of cause and effect began with exploiting the delegatecall to mint an enormous quantity of CRUXLINK tokens without authorization. The success of the attack was due to the critical flaw in the multi-signature wallet’s contract logic, which failed to properly restrict the execution context of the delegatecall operation, allowing the minting of unbacked tokens and subsequent liquidity draining.

A polished metallic square plate, featuring a prominent layered circular component, is securely encased within a translucent, wavy, blue-tinted material. The device's sleek, futuristic design suggests advanced technological integration

Parameters

  • Protocol Targeted ∞ UXLINK
  • Attack VectorDelegate Call Vulnerability (Multi-Signature Wallet Compromise)
  • Blockchain Affected ∞ Arbitrum
  • Initial Financial Impact ∞ Approximately 10 Trillion CRUXLINK tokens minted, $6.8 Million ETH converted to DAI
  • Attacker’s Subsequent Loss ∞ $43 Million in UXLINK tokens to Inferno Drainer phishing scam
  • Date of Incident ∞ September 22-23, 2025

A modern, rectangular device with a silver metallic chassis and a clear, blue-tinted top cover is presented against a plain white background. Visible through the transparent top, a complex internal mechanism featuring a polished circular platter, gears, and an articulating arm suggests a precision data processing or storage unit

Outlook

Immediate mitigation for UXLINK users involved the protocol’s emergency token migration to a newly audited smart contract with a capped supply. This incident underscores the critical need for rigorous, independent security audits focusing specifically on complex contract interactions like delegatecall within multi-signature wallet implementations. Potential second-order effects include increased scrutiny on similar protocols utilizing multi-signature wallets with intricate delegate call logic, prompting a re-evaluation of their security postures to prevent contagion risk. This event will likely establish new best practices for secure multi-signature wallet design and the necessity of robust post-deployment monitoring.

The UXLINK exploit serves as a stark reminder that even security-focused multi-signature architectures remain vulnerable to subtle code flaws, demanding continuous auditing and a proactive defense against evolving attack vectors.

Signal Acquired from ∞ crypto.news

Micro Crypto News Feeds

multi-signature wallet

Definition ∞ A multi-signature wallet is a type of digital wallet that requires multiple private keys to authorize a transaction.

multi-signature

Definition ∞ Multi-signature, often abbreviated as multisig, is a type of digital signature that requires more than one cryptographic key to authorize a transaction.

vulnerability

Definition ∞ A vulnerability refers to a flaw or weakness in a system, protocol, or smart contract that could be exploited by malicious actors to compromise its integrity, security, or functionality.

delegate call

Definition ∞ A delegate call represents a specialized instruction within Ethereum smart contracts, permitting one contract to execute code from another contract.

blockchain

Definition ∞ A blockchain is a distributed, immutable ledger that records transactions across numerous interconnected computers.

tokens

Definition ∞ Tokens are digital units of value or utility that are issued on a blockchain and represent an asset, a right, or access to a service.

inferno drainer

Definition ∞ Inferno Drainer refers to a specific type of malicious software or scam kit designed to steal digital assets from cryptocurrency users.

token migration

Definition ∞ Token migration is the process of transferring digital tokens from one blockchain network or smart contract to another.

Tags:

Tags: