Bug Discovered in ENS Auctions, Finalizations Temporarily Halted

What is the full list of .eth names that were compromised?

Well done for the transparency and quickly acting on it.

The only worrying aspects are names which were already incorrectly given. If you decide to extend auctions, is it possible to take a gap between the end of the auction and finalization? It may prevent further irreversible misgiving of names in case that other bugs are found.


Here’s an update:

Thank you very much for the transparency.

A point is not very clear to me:

Auctions that have already been completed but have not yet transmitted the domains to the highest bidder will be extended for longer? Or only auctions that have not yet finished their time?



Once bidding is re-enabled, we will extend all open ENS auctions so that users who were experiencing issues have more time to bid. This includes any auctions for which the ENS names have not yet been transferred to a bidder.


When will the auction begin again? and is there any advance notice ?

In addition, I can’t open the page on https://medium.com/opensea/how-were-resolving-the-issues-with-the-ens-short-name-auctions-93c78158de48 , could anybody copy the content and email to me ( qieda#163#com)

thanks very much for your help

Alex from OpenSea here. All ENS auctions (completed or not) are being reviewed for extensions, and we’re reconsidering whether to extend the auctions that weren’t hacked, in conjunction with the ENS team - ultimately their call. We’ve updated the blog post accordingly:

Once bidding is re-enabled, we will extend relevant ENS auctions so that users who were experiencing issues have more time to bid.

Thanks Alex.

It would be disappointing that those of us who have won auctions legitimately do not obtain the domains. I hope your decision is not to repeat auctions that are not involved in the hacking.


Update: all “stolen” names have been returned


When are auctions going to resume? We hoped it would have been as you said last week. Is everything alright?