Decentralized exchange LeetSwap, operating on Coinbase’s Layer 2 Base chain, announced a temporary halt to its trading activities after being targeted in a $630,000 exploit.
The exchange, which is known for its decentralized trading services, revealed on X, formerly Twitter, that it had detected a potential compromise in some of its liquidity pools. LeetSwap said it had “temporarily stopped trading to investigate” the incident, expressing its commitment to resolving the issue promptly and transparently.
As our DEX is forked from Solidly, our factory had a security pause function.
We noticed that some pool liquidity might have been compromised and we temporarily stopped the trading to investigate.
— LeetSwap (@LeetSwap) August 1, 2023
The exchange said it is working closely with on-chain security experts to assess the extent of the exploit and take the necessary steps to recover any locked liquidity. The exchange’s commitment to collaborate with security experts showcases the importance of community involvement and robust security measures within the decentralized finance (DeFi) ecosystem.
We are working with on-chain security experts to try and find a way to recover the locked liquidity.
If you did not lock your liquidity you are free to remove it from the pools.
— LeetSwap (@LeetSwap) August 1, 2023
The incident highlights the growing challenges DeFi platforms face in safeguarding their users’ funds and maintaining the integrity of their services.
After pausing its trading services, LeetSwap urged users who had not locked their liquidity to remove it from the pools. Locking liquidity is a standard practice in the DeFi ecosystem that prevents malicious actors from removing funds from the liquidity pools.
Unfortunately, failure to lock liquidity exposes the pools to potential vulnerabilities, as seen in this incident.
Blockchain Analysts Speculate on LeetSwap Exploit Details
While the exchange has not provided a lot of details regarding the nature of the exploit, various blockchain analysts have tried to explain how it might have occurred.
According to BlockSec, a blockchain security company, the attacker employed a specific technique to manipulate the pool on the decentralized exchange (DEX). The process involved three key steps.
First, the attacker conducted a swap, exchanging $WETH (a token based on Ethereum) for another token, let’s say A. This initial swap allowed them to position themselves strategically within the pool.
Next, the attacker used a function called “_transferFeesSupportingTaxTokens” to transfer token A within the pool. Following this transfer, they triggered the “sync” function, which had the effect of artificially increasing the price of token A. By manipulating the price, the attacker was able to create an advantage for themselves within the pool.
Finally, taking advantage of the increased value of token A, the attacker performed another swap, converting token A back into $WETH. Having accomplished their plan, they proceeded to drain the entire pool, effectively siphoning off all the funds stored within it.
.@LeetSwap on $Base was attacked, and the loss was over 340 ETH. The attacker abused the public _transferFeesSupportingTaxTokens function to manipulate the pool:
1. Swapping $WETH for another token A.
2. Invoking the _transferFeesSupportingTaxTokens function to transfer token A,… https://t.co/xU2fr5sgSr
— BlockSec (@BlockSecTeam) August 1, 2023
The attacker with the address 0x705f carried out multiple attacks, targeting several pools. They managed to make profits from these exploits, and afterward, they transferred the obtained funds to a different address, 0x5b03.
Through this sequence of actions, the attacker exploited vulnerabilities in the pool’s mechanism, enabling them to profit at the expense of other users on the DEX. BlockSec’s analysis sheds light on the specific techniques used in the attack, underscoring the importance of robust security measures within the DeFi ecosystem.
Echoing BlockSec’s analysis in separate tweets were Wintermute’s research head, Igor Igamberdiev, and other security firms such as CertiK, PeckShield, and Beosin. They confirmed that the potential exploit allowed the attacker to acquire 342.5 ETH, which is valued at more than $630,000 at current rates.
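The three steps described above can be checked with a small accounting model, which also shows why the helper's public visibility is the root cause. This is an added example, not LeetSwap's or BlockSec's code: it assumes a fee-free constant-product pool, constructed balances, and that the fee-transfer helper moves tokens out of the pair's balance; `Pair`, `transfer_fees` and `run_reported_sequence` are hypothetical names.

```python
# Toy constant-product pair (x * y = k, no swap fee). Constructed numbers.
# Assumption: the fee-transfer helper moves tokens out of the pair's balance.
class Pair:
    def __init__(self, weth, token_a, fee_transfer_public):
        self.balance = {"WETH": weth, "A": token_a}  # tokens actually held
        self.reserve = dict(self.balance)            # cached values used for pricing
        self.fee_transfer_public = fee_transfer_public

    def k(self):
        return self.reserve["WETH"] * self.reserve["A"]

    def sync(self):
        self.reserve = dict(self.balance)

    def swap(self, token_in, amount_in):
        token_out = "A" if token_in == "WETH" else "WETH"
        r_in, r_out = self.reserve[token_in], self.reserve[token_out]
        amount_out = amount_in * r_out / (r_in + amount_in)
        self.balance[token_in] += amount_in
        self.balance[token_out] -= amount_out
        self.sync()
        return amount_out

    def transfer_fees(self, token, amount, caller):
        # Hardened form: only the pair's own swap path may move fees out.
        if not self.fee_transfer_public and caller != "pair":
            raise PermissionError("fee transfer is internal")
        self.balance[token] -= amount


def run_reported_sequence(fee_transfer_public):
    """Model the three reported steps against one pool and report the outcome."""
    pair = Pair(100.0, 1_000_000.0, fee_transfer_public)
    got_a = pair.swap("WETH", 1.0)                       # step 1: WETH -> A
    k_before = pair.k()
    try:                                                 # step 2: external call + sync
        pair.transfer_fees("A", pair.balance["A"] - 1.0, caller="external")
        pair.sync()
    except PermissionError:
        pass                                             # reserves stay untouched
    k_dropped = pair.k() < 0.99 * k_before               # monitoring signal
    weth_out = pair.swap("A", got_a)                     # step 3: A -> WETH
    return {"net_weth": weth_out - 1.0,
            "weth_left": pair.balance["WETH"],
            "k_dropped": k_dropped}


if __name__ == "__main__":
    print("public  :", run_reported_sequence(True))
    print("internal:", run_reported_sequence(False))
```

With the helper callable by anyone, the cached product k collapses between two swaps, which is the condition a pool monitor can alert on; with the helper restricted to the pair, the same round trip nets nothing.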
BALD Token Controversy Adds to Base’s Woes
The security breach on LeetSwap comes hot on the heels of another Base-related controversy involving the meme token, BALD. The BALD token’s deployer executed a rug pull, removing millions of dollars worth of liquidity from the token, leading to a sharp decline in its price. The move sparked allegations of an exit scam, though the project developer denied any malicious intent.
As the DeFi space continues to expand, security remains a paramount concern for users and developers alike. Incidents like the one experienced by LeetSwap underscore the need for exchanges and platforms to invest in robust security measures and engage with on-chain security experts to prevent and respond to potential exploits effectively.