Base’s largest DEX LeetSwap halts trading amid exploit concerns

Decentralized exchange LeetSwap, which operates on Coinbase’s Base network has announced a sudden pause to trading, citing concerns of a potential exploit.

LeetSwap tweeted on Aug. 1 that it noticed some of its liquidity pools may have been compromised and has temporarily able stopped trading to investigate.

Algorithmic market maker Wintermute’s research head Igor Igamberdiev was among those sharing theories on how the exploit may have worked, saying the attacker could have used an exposed smart contract function.

Related: Pro-XRP lawyer Jeremy Hogan’s scam tweet bonanza finally falls silent

The function would have allowed them to undertake a series of token swaps eventually allowing them to drain liquidity pools on LeetSwap.

It was easy:

– swap a bit of WETH for X tokens (should have fees)
– call _transferFeesSupportingTaxTokens(address, uint256) to move token to a Fees contract
– call sync()
– swap X tokens for all WETH from the pool

Don’t think that this function should be public

GG WP pic.twitter.com/a7vXvWf0HY

— Igor Igamberdiev (@FrankResearcher) August 1, 2023

Igamberdiev added the potential exploit has seemingly netted the attacker 342 Ether (ETH) worth over $630,000.

Asia Express: China expands CBDC’s tentacles, Malaysia is HK’s new crypto rival

This is a developing story, and further information will be added as it becomes available.