Coinbase Lost $300K After Misstep with 0x Swapper Contract

TheCryptoTimesОпубліковано о 2025-08-09Востаннє оновлено о 2025-08-14

Coinbase recently lost about $300,000 in token fees after a flaw in how its corporate wallet interacted with a smart contract from the 0x Project.

A security researcher of Venn Network, deeberiroz, reported that Coinbase’s wallet had mistakenly approved tokens for a “swapper” contract. As per the screenshot shared by the researcher, these tokens are ONDO, AMP, SWELL and others. 

The swapper contract, which was created solely for trading purposes, was never designed to store token approvals. This misconfiguration left the funds vulnerable and waiting to be exploited by MEV bots, created solely to exploit this functionality. 

Maximal Extractable Value (MEV) bots are automated programs operating on blockchains. These programs run on for the sole purpose of identifying and profiting from price differences in transaction ordering.

The security officer at Coinbase, Philip Martin, verified the incident by saying, “I can confirm this is an isolated issue due to a change we made with one of our corporate DEX wallets, which led to unauthorized transfers.” The exchange has since shut down the token approvals and transferred the remaining funds into a new wallet.

What is the 0x Protocol?

Launched in 2016, the 0x Protocol is an open-source, Ethereum-based infrastructure that enables peer-to-peer digital asset trading. It’s an open-source collection of publicly audited smart contracts that can be utilized to create trading applications by developers. The protocol is very flexible and is utilized by many platforms to pool liquidity and enable token swapping.

In the Coinbase case, the MEV bots were successful in draining the funds due to the exchange’s improper setup of approval that enabled bots to invoke the swapper contract and carry out unauthorized transfers of the approved tokens.

Also Read: Coinbase, Squads Protocol Push USDC Growth on Solana



Пов'язані матеріали

Valle Capital Token Launches RWA and Agribusiness Ecosystem

Valle Capital Token (VCT) announces the development of its blockchain ecosystem on BNB Smart Chain, connecting global digital capital with Brazilian agribusiness and international commodity exports. The project combines RWA tokenization with a suite of digital tools for the agricultural and export sector, aiming to enhance transparency and operational visibility. Key components of the ecosystem include satellite field monitoring, climate mapping, logistics tracking, and AI-driven operational analysis. The platform uses EVM smart contracts to create auditable, on-chain records of key commercial documents and milestones such as contracts, bills of lading, and settlement status. VCT is structured around two operational arms: Valle Capital for agribusiness financing and Grupo CGM for export finance. The VCT utility token has a total supply of 650 million, allocated for presale, operations, liquidity, marketing, team, and reserves. The project outlines a roadmap from initial foundation and presale phases to capital deployment, operational tool integration, and scaling toward a global RWA marketplace. The initiative emphasizes its focus on real economic activity over speculation, targeting transparency, traceability, and digital infrastructure for the agro-export chain. Participation involves risks and is subject to jurisdictional restrictions and KYC/AML procedures.

TheNewsCrypto1 год тому

Valle Capital Token Launches RWA and Agribusiness Ecosystem

TheNewsCrypto1 год тому

Торгівля

Спот
活动图片