Coinbase Lost $300K After Misstep with 0x Swapper Contract

TheCryptoTimesDipublikasikan tanggal 2025-08-09Terakhir diperbarui pada 2025-08-14

Coinbase recently lost about $300,000 in token fees after a flaw in how its corporate wallet interacted with a smart contract from the 0x Project.

A security researcher of Venn Network, deeberiroz, reported that Coinbase’s wallet had mistakenly approved tokens for a “swapper” contract. As per the screenshot shared by the researcher, these tokens are ONDO, AMP, SWELL and others. 

The swapper contract, which was created solely for trading purposes, was never designed to store token approvals. This misconfiguration left the funds vulnerable and waiting to be exploited by MEV bots, created solely to exploit this functionality. 

Maximal Extractable Value (MEV) bots are automated programs operating on blockchains. These programs run on for the sole purpose of identifying and profiting from price differences in transaction ordering.

The security officer at Coinbase, Philip Martin, verified the incident by saying, “I can confirm this is an isolated issue due to a change we made with one of our corporate DEX wallets, which led to unauthorized transfers.” The exchange has since shut down the token approvals and transferred the remaining funds into a new wallet.

What is the 0x Protocol?

Launched in 2016, the 0x Protocol is an open-source, Ethereum-based infrastructure that enables peer-to-peer digital asset trading. It’s an open-source collection of publicly audited smart contracts that can be utilized to create trading applications by developers. The protocol is very flexible and is utilized by many platforms to pool liquidity and enable token swapping.

In the Coinbase case, the MEV bots were successful in draining the funds due to the exchange’s improper setup of approval that enabled bots to invoke the swapper contract and carry out unauthorized transfers of the approved tokens.

Also Read: Coinbase, Squads Protocol Push USDC Growth on Solana



Bacaan Terkait

Proposal Pinjaman XRPL Membuka Pintu untuk Kredit Institusional di XRP Ledger

**TL;DR:** Proposal pinjaman XRPL membuka pintu bagi kredit institusional di XRP Ledger. Amandemen XLS-65 (Brankas Aset Tunggal) dan XLS-66 (Protokol Pinjaman) kini terbuka untuk voting di mainnet, memerlukan konsensus 80% selama 14 hari untuk diaktifkan. Poin kunci: persetujuan kredit dan underwriting tetap terjadi di luar rantai (off-chain); protokol di ledger hanya menangani logika penyelesaian, pelayanan pinjaman, dan akrual bunga. **Apa yang Terjadi:** Proposal ini menandai perkembangan signifikan bagi XRPL, memperluas fungsinya melampaui pembayaran ke infrastruktur kredit yang lebih kompleks. Dengan 7 dari 35 validator (20%) telah menyetujui, jalannya voting akan menjadi sinyal penting bagi pasar mengenai pergeseran selera risiko dan adopsi institusional. **Mengapa Penting bagi Trader:** Ini bukan sekadar berita harga. Pengembangan seperti ini cenderung memengaruhi sentimen dan likuiditas di aset kripto terkait lainnya, seperti Bitcoin dan altcoin. Dalam pasar yang didorong aliran ETF dan leverage, memahami konteks struktur pasar sangat krusial. **Peringatan:** Pasar kripto sering menyederhanakan satu titik data menjadi narasi luas. Proposal ini adalah **sinyal**, bukan jaminan. Mekanisme inti pemberian kredit (siapa yang layak meminjam) tetap diserahkan kepada pihak di luar rantai, sehingga risiko kredit tradisional masih berlaku. **Langkah Selanjutnya:** Pantau apakah konsensus validator mencapai 80%. Amati juga metrik lanjutan seperti aliran on-chain, posisi derivatif, dan kondisi makro untuk melihat apakah tema ini menjadi tren pasar yang berkelanjutan atau hanya fluktuasi jangka pendek.

bitcoinist1j yang lalu

Proposal Pinjaman XRPL Membuka Pintu untuk Kredit Institusional di XRP Ledger

bitcoinist1j yang lalu

Trading

Spot
活动图片