Slow Fog: The core reason for the zkLend attack incident is that the market contract uses the safeMath library

Regarding the incident where zkLend was attacked and over 9 million US dollars were stolen, SlowMist published an analysis on platform X stating that the core reason for this attack lies in the safeMath library used by the market contract. When performing division calculations, it uses direct division, which leads to a rounding down flaw when calculating the actual number of zTokens that need to be destroyed during withdrawal operations. Attackers may exploit this vulnerability to illegally gain profits. SlowMist reminds users to closely monitor their asset status on zkLend and temporarily stop any recharge actions related to zkLend to avoid possible losses.