Blockchain security firm SlowMist has issued a critical alert regarding potentially suspicious activity involving Meta Pool, a multi-chain liquid staking ecosystem.
According to SlowMist, an anomaly was detected in the project’s smart contract logic, specifically relating to its _deposit function.
The function has reportedly been rewritten in a way that bypasses the standard security mechanisms typically required for token transfers.
As a result, this vulnerability may allow the arbitrary minting of tokens via the mint function, which could pose a significant risk to both the project’s integrity and user assets.
Meta Pool’s Ecosystem and Its Vulnerability
Meta Pool is known for its liquid staking infrastructure and multi-chain support, providing users with features such as Vote-to-Earn through DAO (Decentralized Autonomous Organization) governance.
It allows users to stake tokens while maintaining liquidity and participate in governance to earn rewards.
However, the revelation that its core deposit mechanism has been altered opens the door to potentially malicious exploits.
By circumventing the transfer of actual tokens, attackers may be able to mint new tokens without providing collateral, effectively undermining the economic foundation of the protocol.
Also Read: SlowMist Alerts On EOS Blockchain Crypto Threat Citing Malicious Address Poisoning Activity
Arbitrary Minting Raises Alarms Over Asset Inflation
The most pressing concern stemming from the exploit is the possibility of arbitrary token minting.
If malicious actors are able to mint tokens without depositing real assets, this could lead to severe inflation within Meta Pool’s economy.
Such inflation can dilute the value of existing tokens, compromise staking yields, and ultimately erode investor trust.
These types of vulnerabilities are especially critical in DeFi ecosystems where smart contracts manage large sums of user funds and rely heavily on immutable and secure code execution.
Community Urged to Remain Cautious as Investigation Continues
In response to the discovery, SlowMist has urged the Meta Pool community and the wider DeFi space to remain vigilant.
Users are advised to avoid interacting with the protocol until a full security audit and fix have been implemented.
Meta Pool’s development team has not yet issued an official statement addressing the vulnerability, but SlowMist’s prompt alert is expected to pressure them into taking swift corrective action.
The community, especially DAO participants, must now closely monitor protocol updates and any unusual changes in token supply or contract behavior.
Broader Implications for DeFi Security as SlowMist Flags Other Threats
The Meta Pool alert is just the latest in a series of warnings from SlowMist, which has become a prominent watchdog in the crypto security space.
Recently, the firm also flagged suspicious activity on the Nexo platform, tied to transactions via Binance Smart Chain, sparking concerns about another potential breach.
In parallel, SlowMist has warned the community about resurgent ‘fake Ledger’ scams, where counterfeit devices are mailed to users with pre-filled recovery phrases.
Phishing scams through fake Telegram groups impersonating SlowMist itself.
These ongoing alerts highlight the persistent and evolving threats facing DeFi and crypto investors, reinforcing the need for stronger contract audits, user awareness, and platform accountability.
Also Read: SlowMist’s Founder Warns, Without 2FA, Privy-Based Wallets Are At Risk Of Losing All Assets