SlowMist’s Cosine Analyzes BNB Chain OLPC/LABUBU Pool Attack: Suspected Pre-Designed Vulnerability

CoinFeed reported on June 20 that SlowMist Security founder Cosine published a review of the BNB Chain PancakeSwap OLPC/LABUBU liquidity pool theft incident, pointing out multiple suspicious human-operated actions in this attack. The root cause of the pool being drained lies in an exploitable logic vulnerability in the OLPC token contract: the contract's _update function can destroy an amount of OLPC tokens equal to value * decimalsValue when specific conditions are met.