How was the CoW Protocol Exploited?

Learn how an attacker exploited CoW Protocol owing to a flaw in the token authorization process.


On February 07, 2023, an attacker exploited the CoW Swap protocol to siphon off approximately $166,500 in funds.

Introduction to CoW Protocol

The CoW Protocol powers a network of traders and solvers to enable trustless and efficient peer-to-peer trading by utilizing batch auctions.

Vulnerability Assessment

The root cause was a flaw in the token authorization process, which the exploiter used to transfer DAI from the GPv2Settlement contract via the SwapGuard contract.


Step 1:

The attacker duped the owner of the GPv2Settlement contract into authorizing the use of the SwapGuard.

Step 2:

SwapGuard is a contract that CoW Swap used to help validate swap results. It also supports arbitrary function calls, which means that anyone with access to the contract can invoke any function call within its code. The earlier authorization might have contributed to the success of the attack.

Step 3:

The contract deployed by the attacker enabled anyone to use the approval to transfer funds from the settlement contract to an arbitrary address.

Step 4:

The Barter solver made the error of approving the malicious contract with the maximum amount of DAI to SwapGuard.

Step 5:

As a result, the attacker was able to call the public function and transfer DAI to their address.

Step 6:

The team stated that the hacker knew how the CoW Swap solver worked because the alleged hacker waited until the last day of the fee accrual period (every Tuesday) to carry out the attack.


Following the incident, the team acknowledged its occurrence and stated that they had mitigated the problem and were investigating its cause.

The CoW Swap team revoked all approvals for the affected contract and upgraded to a new contract that did not support arbitrary code execution.

They further asserted that none of the users' funds were at risk. The team also shared a detailed post-mortem report of the incident.


The CoW Protocol recently witnessed a considerable exploit that resulted in a loss of around $166,500. This vulnerability stemmed from a flaw in the token authorization process, which the attacker smartly exploited to divert DAI from the GPv2Settlement contract using SwapGuard. This unfortunate episode underlines the imperative nature of robust smart contract security measures, especially when these contracts handle substantial funds and are at the core of decentralized platforms.

One key takeaway from this breach is the absolute necessity of limiting the capabilities of smart contracts, especially those that possess functionalities that support arbitrary function calls. Such expansive capabilities, without tight restrictions, inadvertently provide potential attackers with opportunities to exploit. It is also crucial for platforms to be wary of who is granted access or authorization, as seen in this instance where the attacker cunningly secured authorization for SwapGuard, a critical component in the CoW Swap ecosystem.
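
One way to act on this takeaway is to monitor the allowances that a funds-holding contract grants. The following Python code is an added example, not code from CoW Protocol or from the original article. It audits ERC-20 Approval logs shaped like `eth_getLogs` results and flags non-allowlisted spenders and unlimited allowances; every address, transaction hash and log entry in it is a constructed placeholder.

```python
# Added example; every address, tx hash and log below is a constructed placeholder.
# keccak256("Approval(address,address,uint256)"): the ERC-20 Approval event topic
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
MAX_UINT256 = 2**256 - 1

SETTLEMENT = "0x" + "aa" * 20        # hypothetical settlement contract holding fees
REVIEWED_SPENDER = "0x" + "bb" * 20  # hypothetical spender that passed review
CALL_FORWARDER = "0x" + "cc" * 20    # hypothetical helper that forwards arbitrary calls
TOKEN = "0x" + "dd" * 20             # hypothetical ERC-20 token

def topic_to_address(topic):
    """Indexed address topics are 32 bytes, left-padded; keep the low 20 bytes."""
    return "0x" + topic[-40:].lower()

def audit_approvals(logs, owner, allowlist):
    """Flag allowances granted by `owner` that are unlimited or go to unknown spenders."""
    allowed = {a.lower() for a in allowlist}
    findings = []
    for log in logs:
        topics = log.get("topics", [])
        if len(topics) != 3 or topics[0].lower() != APPROVAL_TOPIC:
            continue  # not an ERC-20 Approval (ERC-721 Approval has 4 topics)
        if topic_to_address(topics[1]) != owner.lower():
            continue  # allowance granted by some other account
        spender = topic_to_address(topics[2])
        value = int(log["data"], 16)
        if value == 0:
            continue  # a revocation, nothing to flag
        reasons = []
        if spender not in allowed:
            reasons.append("spender-not-allowlisted")
        if value == MAX_UINT256:
            reasons.append("unlimited-allowance")
        if reasons:
            findings.append({"token": log["address"], "spender": spender,
                             "tx": log["transactionHash"], "reasons": reasons})
    return findings

def sample_log(owner, spender, value, tx):
    """Build a constructed log entry in the eth_getLogs shape."""
    pad = lambda addr: "0x" + "00" * 12 + addr[2:]
    return {"address": TOKEN, "transactionHash": tx, "data": "0x" + format(value, "064x"),
            "topics": [APPROVAL_TOPIC, pad(owner), pad(spender)]}

SAMPLE_LOGS = [  # constructed sample input
    sample_log(SETTLEMENT, REVIEWED_SPENDER, 1000, "0x01"),       # bounded, reviewed
    sample_log(SETTLEMENT, CALL_FORWARDER, MAX_UINT256, "0x02"),  # flagged twice
    sample_log(SETTLEMENT, CALL_FORWARDER, 0, "0x03"),            # revocation
    sample_log(REVIEWED_SPENDER, CALL_FORWARDER, MAX_UINT256, "0x04"),  # other owner
]
```

Calling `audit_approvals(SAMPLE_LOGS, SETTLEMENT, [REVIEWED_SPENDER])` returns a single finding, for the unlimited allowance granted to the call-forwarding helper.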

In light of this exploit, one cannot help but ponder the countermeasures that could have significantly mitigated the aftermath. Enter Neptune Mutual. Had CoW Protocol collaborated with us by setting up a dedicated cover pool within our marketplace, the fallout from this unfortunate incident could have been dramatically reduced. At Neptune Mutual, we are committed to safeguarding users against unforeseen vulnerabilities in smart contracts by offering parametric policies tailored to cushion losses resulting from such exploits. Our transparent and streamlined process ensures that users, without the need to provide tedious evidence of loss, can claim their dues once an incident is resolved. With our marketplace presence on popular blockchain networks, including Ethereum and Arbitrum, we ensure a wide-reaching protective umbrella for platforms and their users.

Beyond the compensation aspect, Neptune Mutual's commitment extends to preemptive security. Our experienced security team emphasizes a holistic evaluation, assessing everything from DNS and web-based security to intricate backend protections. Our approach to intrusion detection and prevention could have potentially identified vulnerabilities or suspicious activities in advance, providing CoW Swap with valuable lead time to implement countermeasures.

Reference Sources: CoW Protocol, BlockSec