Top-Tier MEV Bot Loses $7.5 Million: Is 'Approval' the Most Overlooked Fatal Risk On-Chain?

marsbitPublished on 2026-06-24Last updated on 2026-06-24

Abstract

The article discusses a sophisticated attack on a prominent Ethereum MEV (Miner Extractable Value) bot, Jaredfromsubway.eth, resulting in a loss exceeding $7.5 million. Unlike typical exploits involving key leaks or smart contract bugs, this attack was a carefully orchestrated "reverse hunt." The attacker spent weeks deploying fake tokens and liquidity pools that mimicked legitimate assets like WETH and USDC. These pools were designed to appear as profitable arbitrage opportunities, tricking the automated bot's trading logic. During its normal operation, the bot was induced to grant ERC-20 token approvals to the malicious contracts. Once sufficient permissions were accumulated, the attacker drained the bot's funds by calling these pre-approved allowances. This incident highlights the often-underestimated risks associated with token approvals in Web3. The article explains that approvals are a fundamental mechanism, allowing smart contracts (like DEXs) to move a user's tokens on their behalf. However, risks arise from practices like granting infinite approvals, the persistence of approvals even after disconnecting from a dApp, and the potential for a once-trusted contract to become compromised later. The piece concludes with advice for managing approval risks: users should adopt the principle of least privilege (approving only the needed amount), use separate wallets for storage versus interactions, and regularly audit and revoke unnecessary approvals using tools like Revoke....

Author: imToken

A long-running MEV bot that hunted ordinary traders on Ethereum finally fell into a 'custom-made' trap worth $7.5 million.

On June 21, the well-known Ethereum sandwich arbitrage bot Jaredfromsubway.eth was attacked, with assets including WETH and USDC transferred from its address. Preliminary statistics show losses exceeding $7.5 million (though public reports on the exact loss figure still vary).

Interestingly, this attack was neither due to private key leakage nor the exploitation of traditional smart contract vulnerabilities. Instead, the attacker deployed a large number of fake tokens, liquidity pools, and auxiliary contracts in advance, packaging them as trading paths with potential arbitrage opportunities. This lured the bot into automatically granting ERC-20 Approvals to malicious contracts during execution, ultimately allowing the assets to be 'legally' transferred away.

As of publication, Jaredfromsubway.eth has publicly messaged the attacker on-chain, stating, 'If 2150 ETH is returned within 48 hours, we are willing to offer a 50% white hat bounty. Otherwise, we will pursue all available legal and law enforcement actions.'

However, if even a highly specialized, code-driven MEV bot can stumble over an Approval, it forces us to re-examine how dangerous the 'Approval' action we use every day truly is.

I. A Reverse Hunt Designed Specifically for an MEV Bot

A careful review of this attack reveals it was not an accidentally triggered flaw but a long-term hunt designed around Jaredfromsubway.eth's trading logic.

Jaredfromsubway.eth has long been one of the most famous sandwich arbitrage bots on Ethereum. Simply put, a sandwich attack involves the bot spotting an impending on-chain transaction, buying ahead of the user to push the price up, waiting for the user to complete their transaction at a worse price, and then immediately selling to pocket the difference.

Consequently, this strategy requires the bot to continuously scan the mempool, identify arbitrage opportunities at extreme speed, and construct transaction paths calling various tokens and contracts. This also means the faster the speed and the broader the asset and protocol coverage, the more opportunities the bot can capture.

Yet, this very aspect became the entry point for this incident.

Based on post-mortem analysis, the attacker did not directly attack the bot's fund contract. Instead, they spent weeks constructing a trading environment that appeared profitable:

  • Step One: Deploy numerous fake tokens and liquidity pools. These tokens mimicked common assets like WETH, USDC, and USDT in name, interface, and trading behavior, tricking the bot's automated identification system into believing it had discovered normal trading paths.
  • Step Two: Gradually gain the bot's trust. In early tests, the approvals granted by the bot were consumed normally during transactions. Once the bot's system began repeatedly executing similar paths, the attacker adjusted the contract logic. This left some of the approvals generated by the bot unconsumed and not reset to zero after transactions, causing them to persist.
  • Finally, the attacker centrally invoked the still-valid approval limits to transfer the real WETH, USDC, and USDT from the bot's contract.

In essence, the entire attack precisely targeted the operational characteristics of MEV bots: first, create an environment that matches their profit-judgment rules; then, exploit their mechanism of pursuing automated execution of trading paths, making the system proactively hand over asset-calling permissions.

This also explains why even a highly specialized MEV bot could be tricked.

It knows how to calculate price differences, Gas costs, and transaction ordering, but may not conduct thorough identity verification for every newly appearing contract. From this perspective, the problem for ordinary users is 'confirming without understanding,' while the problem for automated bots is 'executing automatically without confirmation.'

Superficially, the two are entirely different, but the underlying risk is quite similar: both treat approval as just an ordinary step before completing a transaction, without clearly recognizing how high its hidden risk can be.

II. Why is Approval Always Underestimated?

As is well known, in the ERC-20 standard of Ethereum and EVM-compatible chains, Approve (authorization) is a fairly low-level design.

However, when users directly transfer tokens via their wallet, they typically call `transfer`, which generally doesn't involve Approve. Only in smart contract scenarios like DEXes, lending, staking, or adding liquidity—where users need a smart contract to call tokens on their behalf—does Approval come into play.

For example, when we want to swap USDT for ETH on Uniswap, Uniswap's smart contract cannot directly take USDT from your wallet. It must first execute an Approve to tell the system, 'I allow Uniswap to withdraw X amount of USDT from my wallet.'

Only after the approval is granted can the authorized contract, via `transferFrom`, call the user's USDT within the set limit, allowing the subsequent Swap to proceed smoothly.

In other words, Approval itself is not a vulnerability; it's a fundamental basis for DeFi's normal operation. The problem, however, is that it's somewhat like automatic debit permissions on Alipay/WeChat Pay:

The user hasn't given their account password to the merchant, but they have allowed the merchant to initiate debits within an agreed range. As long as the authorization remains valid, subsequent debits don't require the user to re-enter a password or confirm each transaction individually. This inherently creates issues.

First, there's the issue of infinite approval—turning a one-time transaction into long-term permission. Mainly to reduce operational and Gas costs from repeated approvals, many DApps default to requesting an extremely large approval limit, commonly known as 'infinite approval.'

A user might have only intended to use 100 USDC for a single transaction but ended up allowing the contract to potentially use all USDC in their address in the future. As long as this approval isn't revoked, even if the user's wallet only held a small amount of assets at the time, future deposits of USDC could continue to be affected.

Second, approvals don't disappear by default when you leave a DApp. Many users confuse 'disconnecting a wallet' with 'revoking approval.' In reality, disconnecting only temporarily prevents the webpage from reading or requesting the current wallet; it doesn't change the Approval already written to the blockchain.

Closing the webpage, deleting the DApp, clearing browser cache, or even changing wallet applications won't automatically invalidate it.

Finally, even legitimate contracts can become dangerous in the future. Many approval risks don't only come from phishing sites that were malicious from the start, as seen in this hunt. A user might grant permission to a protocol that was normal at the time, but later, the protocol's contract could be hacked, admin keys leaked, upgradeable logic replaced, or issues could arise with its called router contracts.

For the user, the assets remain in their address, but from a permissions perspective, another contract always retains the ability to call those assets. Therefore, Approval risk isn't just about 'did I authorize a bad actor,' but also includes 'could the entity I authorized have problems later?'

III. So, How Can We Manage Approval Risk?

Faced with Approval risk, the simplest advice is 'don't grant infinite approval.'

However, in real-world DeFi usage, completely refusing approval is impractical. As mentioned, approval itself is not a flaw; it's the basic method for on-chain applications to call assets.

What truly needs to change is transforming Approval from a one-time confirmation action into an ongoing permission management mechanism.

For ordinary users, first, it's essential to establish a few basic habits:

  • First, follow the 'principle of least privilege.' When a wallet pops up an approval prompt, try to set the limit based on the actual needs of the current interaction. For example, if you only plan to use 100 USDT, try to approve only an amount close to 100 USDT, rather than directly granting unlimited permission.
  • Second, separate storage wallets from interaction wallets. Avoid frequently connecting addresses holding large long-term assets to unfamiliar DApps. For activities like airdrops, minting, new projects, and high-risk DeFi interactions, use a separate address to limit potential losses to a smaller scope.
  • Third, regularly check and revoke approvals no longer needed. Users can utilize tools like Revoke.cash or, within imToken, navigate to the corresponding token page, click 'Token Function' in the bottom left, then select 'Authorization Management' to view approval targets, tokens, and amounts for that address. Revoke permissions that are no longer used or of unknown origin (further reading: Step-by-Step Guide to Using Revoke.cash for Authorization Management).

Of course, at the end of the day, facing unpredictable approval attacks, relying solely on user security awareness and regular checks isn't enough. After all, most users find it difficult to distinguish who a string of contract addresses belongs to or judge whether a particular approval amount is reasonable.

Therefore, as the first line of defense for users entering Web3, wallets must provide active defense in their product capabilities.

Taking imToken as an example, it marks or blocks identified risky tokens, addresses, and DApps. When users grant token permissions to ordinary external accounts or make direct transfers to contract addresses, targeted risk warnings are also provided. These warnings cannot replace user judgment but at least add a necessary safety buffer before actual signing.

Additionally, imToken performs structured parsing and human-readable presentation of signature content during key processes like DApp login, transfers, token swaps, and approvals. This aims to help users understand what they are agreeing to before confirmation, ensuring that the content users sign must be consistent with the behavior they see, rather than being compressed into an indistinguishable hash string.

With the further advancement of standards like ERC-7730 (Clear Signing), this 'What You See Is What You Sign' readable presentation is expected to gradually evolve from a single wallet's product capability into an industry standard shared among wallets, DApps, and smart contracts.

Overall, private keys determine who owns an account, while Approvals determine who else can call the assets within that account. They are not the same thing but are equally important.

This also means that wallet security cannot stop at 'has the private key been leaked.' This requires joint effort from users to wallets: For users, it's about seeing the object and amount before approving, and promptly cleaning up unnecessary permissions after interactions end. For wallets, it's about making these permissions—originally hidden within contracts—more visible, easier to understand, and more convenient to limit and revoke.

After all, what's truly dangerous might not be the transfer that just happened, but an approval long forgotten yet never invalidated.

Trending Cryptos

Related Questions

QHow did the attacker manage to steal $7.5 million from the Jaredfromsubway.eth MEV bot, and what was the core vulnerability exploited?

AThe attacker did not exploit a private key leak or a traditional smart contract vulnerability. Instead, they spent weeks creating a 'honeypot' environment by deploying numerous fake tokens and liquidity pools that mimicked legitimate assets like WETH and USDC. This setup tricked the MEV bot's automated system into identifying these as profitable arbitrage paths. During its execution, the bot was induced to grant Approvals to the malicious contracts. Once the approvals were in place and the bot had accumulated a certain level of trust through repeated interactions, the attacker called the still-valid approval limits to legally transfer the bot's real WETH, USDC, and USDT assets. The core vulnerability exploited was the bot's automated and insufficiently verified granting of ERC-20 token approvals.

QWhat are the three main reasons why Approval risks are often underestimated by users in DeFi, according to the article?

AAccording to the article, Approval risks are underestimated due to three main reasons: 1. **Unlimited Approvals**: Users often grant extremely high or infinite approval amounts to DApps to save on gas fees and repeated confirmations for future transactions, exposing all current and future tokens of that type. 2. **Persistence of Approvals**: Users commonly mistake disconnecting a wallet from a DApp interface with revoking an approval. Approvals are recorded on-chain and remain valid until explicitly revoked, regardless of closing the website or switching wallets. 3. **Future Risk of Approved Contracts**: A contract that was safe at the time of approval can later become dangerous due to exploits, admin key leaks, logic upgrades, or issues with downstream contracts it calls, posing an ongoing risk.

QWhat practical steps can ordinary users take to manage and mitigate their Approval-related risks?

AOrdinary users can take several practical steps to manage Approval risks: 1. **Principle of Least Privilege**: Only approve the specific amount needed for the current transaction, avoiding unlimited approvals whenever possible. 2. **Separate Wallets**: Use a dedicated 'hot' wallet for frequent interactions with new or high-risk DApps, and a separate 'cold' wallet for storing significant long-term assets to limit potential exposure. 3. **Regular Review and Revocation**: Periodically use tools like Revoke.cash or wallet-built-in features (e.g., imToken's 'Token Function' -> 'Authorization Management') to review all active approvals and revoke those that are no longer needed or from unknown sources.

QWhat role do wallets like imToken play in helping users defend against Approval risks, beyond user education?

AWallets like imToken provide proactive defense mechanisms at the product level: 1. **Risk Identification and Warnings**: They mark or block known risky tokens, addresses, and DApps, and provide specific risk warnings when users attempt actions like granting token approvals to external accounts or transferring directly to contract addresses. 2. **Clear Signing (Structured Transaction Decoding)**: They parse and present the content of signature requests (for logins, transfers, swaps, approvals) in a human-readable, structured format. This helps users understand what they are agreeing to before signing, ensuring 'What You See Is What You Sign' and preventing confusion with raw hash data. 3. **Support for Industry Standards**: They support the development and adoption of standards like ERC-7730 (Clear Signing) to make this safety feature a shared industry standard across wallets, DApps, and smart contracts.

QAccording to the article's conclusion, how does the importance of managing Approvals compare to protecting private keys, and what is the required approach for overall wallet security?

AThe article concludes that managing Approvals is equally as important as protecting private keys, but they address different aspects of security. The private key determines **who owns the account**, while Approvals determine **who else can move the assets within that account**. Therefore, wallet security cannot be solely focused on 'whether the private key is leaked.' A comprehensive approach requires effort from both users and wallet providers: Users must carefully review approval requests, grant minimal necessary permissions, and regularly clean up unused approvals. Wallet providers must make these on-chain permissions more visible, understandable, and easier to limit and revoke through better user interfaces and proactive safety features.

Related Reads

MSTR Discloses Sale of 3,588 Bitcoins, Stock Price Drops Over 5% at One Point During Trading

MicroStrategy, the world's largest corporate holder of Bitcoin, has significantly shifted its business model. Between June 29 and July 5, the company sold 3,588 bitcoins for approximately $216 million to fund quarterly dividends for its preferred stock. This marks its largest-ever Bitcoin sale and signals a strategic pivot: Bitcoin is transitioning from a "buy-and-hold" reserve asset to a liquidity management tool for the company. This move follows a recent authorization allowing Bitcoin sales when equity fundraising is less attractive. The announcement contributed to a more than 5% intraday drop in MicroStrategy's stock price, while Bitcoin fell to around $61,800—below the company's average holding cost of roughly $75,700. The sale represents a major departure from MicroStrategy's long-standing "never sell" commitment, which saw its first minor breach in May with a $2.5 million sale. The latest, hundred-times-larger transaction underscores growing financial pressures. Analysts note the company faces about $1.5 billion in annual preferred dividend obligations, far exceeding cash flow from its software business. As of July 5, MicroStrategy holds 843,775 bitcoins. Its current operational logic involves buying Bitcoin during favorable financing conditions and selling portions to cover dividends when needed, creating a flexible capital management cycle amidst a challenging market environment.

华尔街日报4h ago

MSTR Discloses Sale of 3,588 Bitcoins, Stock Price Drops Over 5% at One Point During Trading

华尔街日报4h ago

Q-Day Countdown: Will Quantum Computing End Cryptocurrencies?

Quantum Computing's Threat to Cryptocurrency: A Countdown to Q-Day Quantum computing, specifically Shor's algorithm, poses a fundamental threat to the public-key cryptography (e.g., ECDSA, RSA) that secures blockchain networks like Bitcoin and Ethereum. This critical juncture, known as Q-Day, is estimated to occur potentially within the next 5-15 years. The core vulnerability stems from the public and immutable nature of blockchains. Assets in addresses where the public key is already exposed on-chain (e.g., spent outputs) are at direct risk, as a sufficiently powerful quantum computer could derive the private key. This threatens the very trust model of cryptocurrencies. The response lies in Post-Quantum Cryptography (PQC)—algorithms like lattice-based ML-DSA and hash-based SLH-DSA, which are resistant to quantum attacks. NIST has standardized key PQC algorithms (FIPS 203, 204, 205), providing a migration path. However, the primary challenge is not technical but socio-economic and involves complex governance: * **Bitcoin's** path is constrained by its conservative ethos. Migrating requires a soft-fork to new address types, facing hurdles like significantly larger signature sizes and, most critically, the divisive governance question of how to handle at-risk legacy UTXOs without violating core principles. * **Ethereum** is pursuing a "cryptographic agility" strategy, with a multi-layered roadmap. It leverages account abstraction for user accounts and is developing compressed hash-based signatures (e.g., leanXMSS) for its consensus layer, aiming for a full-stack upgrade over time. In conclusion, quantum computing does not spell an instant end for cryptocurrency but initiates a critical countdown. The industry has a limited "engineering comfort window" to orchestrate a coordinated, ecosystem-wide migration to PQC. The ultimate bottlenecks are the immense coordination efforts and governance decisions required for this foundational transition.

marsbit4h ago

Q-Day Countdown: Will Quantum Computing End Cryptocurrencies?

marsbit4h ago

Trump, the President Who Knows Best How to 'Trade Stocks'

Former US President Donald Trump reported a record-breaking $2.2 billion in personal income for 2025, the highest annual income ever disclosed by a sitting president. This figure, from a 927-page government ethics filing, represented a 3.5-fold increase from his $600 million income in 2024 and boosted his net worth to $6.5 billion. The primary drivers were cryptocurrency (64% of income, approximately $1.4 billion) and real estate (26%, approximately $575 million). His crypto earnings stemmed largely from the launch of his personal meme coin, $TRUMP, generating over $600 million in licensing fees, and substantial profits from the WLFI token and its parent company. Despite a sluggish property market, his Mar-a-Lago resort and associated golf clubs saw revenue surges of 50% and 27%, respectively, attributed to their use as venues for presidential events. Trump's financial disclosure also revealed an unprecedented level of stock market activity, with over 22,000 trades executed in 2025, averaging 87 trades per market day. Media analyses noted several instances where significant trading coincided with major policy announcements, such as proposed tariffs, raising questions about potential conflicts of interest. While the White House stated these trades were handled by a family-managed trust fund and not Trump directly, critics highlighted this as a departure from the blind trusts traditionally used by presidents post-Watergate. The report has intensified debate over the commercialization of the presidency. Supporters view it as a success story of a businessman-president, while critics argue it demonstrates an unprecedented conversion of public influence into private wealth, with policy decisions potentially linked to personal financial gains. The controversy centers on whether Trump's earnings represent innovative entrepreneurship or a fundamental conflict of interest, sparking renewed calls for stricter ethics reforms in US governance.

marsbit5h ago

Trump, the President Who Knows Best How to 'Trade Stocks'

marsbit5h ago

Countdown to Q-Day: Will Quantum Computing End Cryptocurrencies?

The article explores the existential threat quantum computing poses to cryptocurrencies and the urgent need for "post-quantum" migration. It outlines that quantum computers, through Shor's algorithm, could break the elliptic-curve cryptography (ECC) underlying blockchain security, potentially allowing private keys to be derived from public keys. The core challenge is not a lack of post-quantum cryptography (PQC) standards—like NIST's ML-KEM and ML-DSA—but the immense complexity of upgrading entire ecosystems before "Q-Day" (when quantum computers become capable of such attacks, estimated around 2035-2045). Key points include: * **Bitcoin's** risk is concentrated in legacy UTXOs with exposed public keys (e.g., early P2PK outputs). Migration faces massive hurdles: PQC signatures are much larger, increasing transaction size and cost, and the governance dilemma of handling un-migrated assets threatens its "code is law" ethos. * **Ethereum's** strategy focuses on "cryptographic agility," using Account Abstraction for user accounts and developing compressed hash-based signatures (like leanXMSS with SNARK aggregation) for consensus. Its migration is a complex, full-stack overhaul of execution, consensus, and data layers. * The "security debt" is enormous. The comfortable engineering window for a coordinated, ecosystem-wide upgrade is only 5-8 years. High-value infrastructure (exchanges, bridges) may face pressure before mainnet protocols. In conclusion, quantum computing is not an instant "doomsday" event but a forcing function for systemic change. Bitcoin's ultimate test is social consensus and property rights governance, while Ethereum's is technical complexity. Failure to migrate in time could lead to a fundamental re-pricing of crypto assets.

链捕手5h ago

Countdown to Q-Day: Will Quantum Computing End Cryptocurrencies?

链捕手5h ago

Trading

Spot

Hot Articles

Discussions

Welcome to the HTX Community. Here, you can stay informed about the latest platform developments and gain access to professional market insights. Users' opinions on the price of ETH (ETH) are presented below.

活动图片