CoW Swap was hacked for a total of $166,000, malicious contracts have been revoked, and user funds are safe.

Hackers Targeting "Solver" Vulnerability

To match trades against external on-chain liquidity, GPv2 introduces the concept of a "searcher solver": a third-party tool for protocol integration that attempts to find the best on-chain trades through competition among various parties.

Transactions on CoW Swap incur a certain fee, a portion of which goes to the solver. Each solver can access the settlement contract, where transaction fees from the past week are usually stored.

CoW Swap Hack Incident

On the evening of 2/7, hackers depleted the funds in the settlement contract through the solver. According to the analysis report released by CoW Swap, a new solver joined the "solver competition."

After being whitelisted, the Barter Solver contract was exploited, and the hackers had a deep understanding of its operation. They waited until the last day for the solver to calculate fee sharing before launching the attack, siphoning off a total of $166,000.

The Barter Solver team has revoked the related malicious contract, and CoW Swap emphasized that user funds are safe because it never takes custody of user assets. CoW Swap will decide whether to allow Barter Solver back into the competition and has also apologized for the panic caused.