CoW Swap Solver Exploit— Post mortem 07/02/2023
Update as of 08/02/2023
The barter solver who got hacked already refunded the losses it caused.
Next steps for CoW DAO are to decide on the slashing process and to judge whether the Barter Solver can be re-added to the solver competition.
TL;DR
On February 7th 2023, CoW Swap’s settlement contract suffered an exploit wherein a hacker was able to drain ~$166K from the contract. Although still an exploit, it is important to highlight two crucial facts regarding this hack:
- User funds WERE NEVER AT RISK and have NOT been COMPROMISED.
- The protocol WILL RECOVER the stolen funds through its solver bonding pool mechanism, which is intended to mitigate such incidents.
To recap: as a trader, there is NO reason to worry or revoke approvals. CoW Swap never takes custody of your funds, since all trades are purely atomic. In order to have your funds compromised through CoW Swap, a hacker would need to obtain a signature from your private keys or have direct access to them.
Background information
CoW Swap engages in a so-called “solver competition”, where external parties develop an algorithm to compete against other solvers to find the best execution route for CoW Swap users. Each solver team is independent from each other, and is able to deploy the necessary measures for their algorithm to perform in the best possible way.
In the hunt for better prices, solvers are allowed to tap into the CoW Swap settlement contract’s funds (called the “buffers”) to replace certain AMM interactions and thus save on gas. The settlement contract holds the buffer funds and allows the solver teams to tap into them whenever needed. These buffers accrue from fees that users pay in their sell token and are periodically drained into the protocol’s reward Safe.
In order to prevent malicious behaviour on the part of solvers and to recover from any exploits, in CIP-7 CoW Swap implemented a bonding pool mechanism by which each solver needs to deposit $500,000 worth of cUSDC and 1.5M COW tokens as collateral for these sorts of scenarios. In the event of malicious behaviour or a hack, solvers would then get slashed and part of their bond is removed to cover for such events.
How did it all happen?
On January 27th, 2023 a new solver entered the competition: the Barter solver. The process was typical: after some time in staging and the depositing of the bond in the pool, the solver was allowlisted and moved onto production. Shortly after being allowlisted, the Barter solver set an approval to a contract they developed, called SwapGuard.
The aim of the intermediary SwapGuard contract is to limit the amount of tokens that can be lost in a single transaction due to slippage The goal for the Barter solver when interacting with this contract was to prevent their settlements from being exploited by MEV when submitted on-chain.
In this batch settlement that the Barter solver won, we can see that they performed a series of swaps and a single approval when executing the batch settlement. This approval is the reason for the incident.
https://twitter.com/peckshield/status/1622801412727148544/photo/1
The SwapGuard contract was previously approved to spend the settlement contract’s DAI as part of a settlement. Because of a security issue that allowed arbitrary call execution from the SwapGuard contract, the attacker was able to leverage the existing approval to transfer funds from the settlement contract to their account (address 1 and address 2). The Barter solver made the mistake of approving a vulnerable contract with the maximum value of DAI to SwapGuard, which is the root cause of the attack. This meant that since the contract had an interface for an arbitrary call, any informed hacker could call upon this function to drain the token allowances with the correct permissions.
It appears that the hacker was aware of the CoW Swap solver process, as they waited until the last day of fee accrual before performing the attack. Fees are usually withdrawn once a week on Tuesdays.
Once the issue came to light, the Barter team and the CoW Swap team hit the ground running to mitigate any possible damage or side effects. After some debugging, the issue was discovered and mitigated. All approvals for the ‘bad contract’ have been revoked, and the Barter Solver has upgraded to a new contract which has no arbitrary execution code functionality built in.
What are the next steps?
As mentioned before, all approvals for the bad contract have been revoked, and no more funds are at risk. As per the rules defined by CIP-7, CoW DAO will slash the barter solver to compensate for the losses and will denylist the solver until full repayment is done.