Infinite Mint Attack

An infinite mint attack is a critical smart contract vulnerability that allows an attacker to create unlimited tokens or assets without proper authorization or balance constraints. This exploit typically occurs when a contract's minting function lacks adequate checks, such as missing require statements, incorrect access controls, or logic flaws that fail to enforce supply caps. The attacker can repeatedly call the vulnerable function to generate tokens at will, potentially inflating the token supply to astronomical levels, destroying the asset's economic model, and causing severe financial damage to legitimate token holders and the project itself. Example: The Harvest Finance attack in October 2020 involved exploiting a vulnerability in their smart contract that allowed attackers to manipulate token minting through flash loan attacks, resulting in a loss of approximately $34 million before the team deployed mitigations. Why it matters for crypto security: Infinite mint vulnerabilities represent existential threats to token projects, capable of rendering assets worthless overnight. Preventing these attacks through rigorous code audits, formal verification, and careful access control implementation is essential for maintaining investor confidence and protocol integrity.

Category: wallets security, tokenomics

Explore the full Web3 Glossary — 2,062+ expert-curated definitions. Need guidance? Talk to our consultants.