x402's Growth Outpaces Security, Leaving Wallets Open to Exploits

Generated by AI AgentCoin WorldReviewed byAInvest News Editorial Team
Tuesday, Nov 18, 2025 10:41 am ET1min read
COIN--
GPS--
USDC--
Speaker 1
Speaker 2
AI Podcast:Your News, Now Playing
Aime RobotAime Summary

- GoPlus Security warns x402 token ecosystem faces critical vulnerabilities, with hundreds of wallets exploited due to unlimited minting and signature-replay attacks.

- Major flaws include unrestricted token creation (e.g., x420's crosschainMint) and owner-controlled fund drains (e.g., FLOCK's ERC20 extraction capability).

- October 28's cross-layer exploit drained USDCUSDC-- from 200+ wallets, highlighting real-world risks in tokens like U402 and PENG with honeypot behaviors.

- Rapid ecosystem growth outpaced security audits, urging developers to prioritize safeguards over speculative launches to prevent trust erosion.

Security Alert: Hundreds of Wallets Targeted in x402 Token Exploits, Says GoPlus

The x402 token ecosystem, an open payment protocol inspired by the HTTP 402 "Payment Required" status code, is facing a critical security crisis as GoPlus SecurityGPS--, a blockchain risk-analysis platform, warns of widespread vulnerabilities in early-stage projects. The protocol, backed by major players like CoinbaseCOIN-- and Google, has seen explosive growth with hundreds of meme-style tokens and experimental applications. However, this rapid expansion has exposed severe flaws, including unlimited minting, excessive developer permissions, and signature-replay attacks, leaving users' assets at risk.

GoPlus's AI-driven audit of over 30 x402-based tokens revealed recurring patterns of vulnerabilities. These include functions allowing owners to drain wallets, bypass token allowances, and mint tokens without limits. For example, the FLOCK token permits its owner to extract any ERC20 tokens from the contract, while x420 enables unrestricted minting via its crosschainMint function. The report also highlighted the October 28 exploit of a cross-layer x402 protocol, which drained USDC from over 200 wallets in minutes.

The risks are not theoretical. Real-world exploits have already occurred, underscoring the urgency for stricter security measures. GoPlus identified high-risk tokens such as U402, MRDN, PENG, and x402MO, all of which exhibit flaws like honeypot behaviors or allowance bypasses. For instance, PENG allows the owner to withdraw ETH from the contract and bypasses permission checks for specific accounts, while x402b replicates these vulnerabilities. The report emphasizes that these issues stem from a lack of rigorous auditing, as the ecosystem's growth has outpaced due diligence processes.

Retail and institutional investors alike face hidden dangers. GoPlus warns that vulnerabilities often remain undetected until exploited, leaving users with little recourse. The report urges developers and platforms to implement deeper security checks before launching new tokens, advocating for a shift from speculative hype to robust safeguards.

As the x402 ecosystem matures, the need for standardized audits and transparent governance becomes paramount. Without addressing these flaws, the protocol risks undermining trust and repeating the mistakes of past crypto cycles. For now, users are advised to exercise caution, particularly with early-stage projects lacking proven security frameworks.

author avatar
Coin World

Quickly understand the history and background of various well-known coins

Latest Articles

Stay ahead of the market.

Get curated U.S. market news, insights and key dates delivered to your inbox.

Comments



Add a public comment...
No comments

No comments yet