DEX aggregator CoW Swap falls victim to $180,000 hack

Quick Take

  • Decentralized exchange aggregator CoW Swap suffered a hack resulting in the theft of over $180,000 in crypto assets.
  • A hacker targeted CoW Swap’s settlement smart contract to make a malicious funds transfer.

Decentralized exchange aggregator CoW Swap suffered a major hack, with the attacker making off with over $180,000 in funds, according to security firms PeckShield and BlockSec.

As a decentralized exchange (DEX) aggregator, CoW Swap's goal is to provide users with the best prices across decentralized exchanges. However, a hacker targeted its trade settlement smart contract, GPv2Settlement, to drain funds.

PeckShield estimated that the attacker drained roughly $180,000 worth of DAI from CoW Swap before routing the funds through Tornado Cash to obtain 551 BNB. The attack targeted GPv2Settlement, the trade settlement smart contract that is part of the CoW Swap alpha (GPv2) protocol.

The CoW Swap team said that the settlement contract that was exploited only has access to the fees collected by the protocol in a week and that the hacker was unable to directly access user funds. The team clarified it experienced a security breach after the hacker exploited a solver account, a participant that competes to provide users with the best trade prices.


CoW Swap is different from traditional decentralized exchanges (DEXs) because it doesn't require users to make trades themselves. Instead, users sign a trade agreement to exchange two tokens at a specific price, which is then given to third-party "solvers." Each solver has access to the settlement contract which usually stores collected fees over a one week period (before being used to reward solvers).

The recently added "barter solver" deployed an intermediate contract (for slippage protection) to which it gave unlimited DAI approval on behalf of the CoW Swap settlement contract. A bug in that contract allowed anyone to invoke arbitrary calls on it, and thus to transfer out the protocol's internal DAI buffers using its allowance.

In response to the breach, CoW Swap immediately revoked all approvals for the barter solver, and thus, indirectly, the affected intermediary contract, SwapGuard. The team further reassured users that their funds were never at risk, since CoW Swap does not hold user funds. The solver's bond will pay for all damages incurred.
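The two paragraphs above describe a general pattern: a helper contract that any caller can drive into arbitrary calls, combined with an unlimited standing ERC-20 approval from a contract that holds funds. The Solidity below is an added illustration of that pattern and its defensive counterpart; it is not CoW Swap's, the solver's, or SwapGuard's code, and the contract names, the `operator` role and the allow-list are assumptions made for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Hypothetical illustration only; not the code of CoW Swap or the barter solver.
interface IERC20 {
    function approve(address spender, uint256 amount) external returns (bool);
    function allowance(address owner, address spender) external view returns (uint256);
}

// VULNERABLE PATTERN: an intermediary that lets any caller execute an arbitrary
// call. Every call it forwards runs with this contract as msg.sender, so any
// token allowance granted to this contract (e.g. by a settlement contract)
// becomes spendable by whoever calls execute(), for example through the
// token's transferFrom.
contract IntermediaryUnrestricted {
    function execute(address target, bytes calldata data) external returns (bytes memory) {
        (bool ok, bytes memory ret) = target.call(data);
        require(ok, "call failed");
        return ret;
    }
}

// HARDENED PATTERN: the same helper, but only its operator may drive it, and
// only against an explicit allow-list of targets. The allowance it holds can
// then only be spent by calls the operator chose to make.
contract IntermediaryRestricted {
    address public immutable operator;               // assumed role: the solver's key
    mapping(address => bool) public allowedTarget;   // assumed allow-list of callable contracts

    modifier onlyOperator() {
        require(msg.sender == operator, "not operator");
        _;
    }

    constructor(address operator_) {
        operator = operator_;
    }

    function setTarget(address target, bool allowed) external onlyOperator {
        allowedTarget[target] = allowed;
    }

    function execute(address target, bytes calldata data) external onlyOperator returns (bytes memory) {
        require(allowedTarget[target], "target not allowed");
        (bool ok, bytes memory ret) = target.call(data);
        require(ok, "call failed");
        return ret;
    }
}

// ALLOWANCE HYGIENE on the fund-holding side: grant the spender only the amount
// needed for one settlement and revoke it afterwards, instead of an unlimited
// standing approval. A bug in the spender can then only reach the scoped amount.
contract BufferHolder {
    address public immutable owner;

    constructor() {
        owner = msg.sender;
    }

    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }

    // Scoped approval for a single settlement.
    function approveForSettlement(IERC20 token, address spender, uint256 amount) external onlyOwner {
        require(token.approve(spender, amount), "approve failed");
    }

    // Revocation, the same step the article reports CoW Swap taking after the breach.
    function revoke(IERC20 token, address spender) external onlyOwner {
        require(token.approve(spender, 0), "approve failed");
    }

    // Read-back so an operator or monitor can confirm no unlimited approval is outstanding.
    function outstanding(IERC20 token, address spender) external view returns (uint256) {
        return token.allowance(address(this), spender);
    }
}
```

The two mitigations are independent: access control on the intermediary stops strangers from issuing calls in its name, while scoped and revoked approvals cap the damage if that control ever fails. Periodically reading back `outstanding()` (or the equivalent `allowance` query on the token) for every spender a fund-holding contract has approved is a cheap check that no unlimited approval has been left standing.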


© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

About Author

Vishal Chawla is The Block’s crypto ecosystems editor and has spent over six years covering tech protocols, cybersecurity, artificial intelligence and cloud computing. Vishal likes to delve deep into blockchain intricacies to ensure readers are well-informed about the continuously evolving crypto landscape. He is also a staunch advocate for rigorous security practices in the space. Before joining The Block, Vishal held positions at IDG ComputerWorld, CIO, and Crypto Briefing. He can be reached on Twitter at @vishal4c and via email at [email protected]

Editor

To contact the editor of this story: Tim Copeland at [email protected]