A hacker known as “Pink Drainer” has discovered a method to enable private sales on Blur, a platform that typically does not offer this feature.
This revelation, first shared by Twitter user Quit, has the potential to alter the dynamics of the NFT marketplace significantly.
Blur, an NFT marketplace, traditionally does not offer private listings. Any user can fulfill any listing created on the platform. However, Pink Drainer has found a way to purchase items for near zero ether (ETH) on Blur. This is achieved by uniquely exploiting the royalty system.
Typically, if a scammer tricks a victim into creating a Blur listing for the minimum amount of ETH, arbitrage bots would outpace them. These bots are willing to pay most of the value of the NFT in fees to block validators, thereby securing the purchase for themselves. This situation is not ideal for phishing hackers such as Pink Drainer.
To counteract this, scammers have been known to phish signatures to list items above the floor price, with their own address set as the royalty recipient with 100% royalties. However, Pink Drainer has taken this concept a step further.
Pink Drainer sets a royalty recipient with 100% royalties, but instead of putting the recipient to themselves, they set it to a contract. This contract reverts for any transaction in which Pink Drainer is not the origin.
As a result, even though the NFT is publicly listed for nearly zero ETH, no one can fulfill it except for the hacker. If someone else tries, the royalty payment reverts, causing the entire transaction to revert. This effectively makes it a private listing on the Blur NFT marketplace.
As explained by Quit, his technique could potentially be used by others to create legitimate private listings on Blur. It could even inspire the development of a frontend that simplifies this process. Despite the illicit origins of this technique, it could contribute positively to the NFT space by introducing a new Blur feature that was previously unavailable.