Nov 2024 - Coinbase MainnetSettler Approval Issue Hold Token Theft 1 - $66k (United States)
Coinbase is a secure and user-friendly platform that facilitates the buying, selling, and storage of cryptocurrencies like Bitcoin and Ethereum. Designed to serve both beginners and experienced investors, it has become one of the most widely used cryptocurrency exchanges in the United States.
Since its founding in 2012, Coinbase has grown into a leading platform in the crypto space. It supports a wide range of services, including basic crypto investing, advanced trading tools, institutional custodial accounts, and a standalone wallet for individual users. It also launched its own U.S. dollar-backed stablecoin to enhance crypto transactions.
Trusted by approximately 73 million verified users, 10,000 institutions, and 185,000 partners across more than 100 countries, Coinbase plays a key role in the global crypto ecosystem. Fully regulated and licensed (except in Hawaii), Coinbase began with Bitcoin trading but has since expanded to support a variety of cryptocurrencies that meet its decentralized standards.
Unfortunately, the Mainnet Settler smart contract was launched with mistaken approvals being set, which allowed funds to be accessed and removed.
"It seems that the victim 0xa31d had an approval for #Hold token to the #MainnetSettler contract, which allowed arbitrary calls to be executed by anyone. As a result, the attacker managed to gain 308,453,642 #Hold tokens as profit by executing a transferFrom call."
MainnetSettler Contract: 0x70bf6634eE8Cb27D04478f184b9b8BB13E5f4710
TenArmor reports that the total amount lost due to this smart contract was $66k USD, which is based on a reported 308,453,642 Hold tokens.
So far, the only third party to officially recognize this exploit appears to have been TenArmor, who recommended revoking all approvals on the MainnetSettler contract. There is no indication that Coinbase has publicly recognized the exploit. There may be private communication that is not known.
There is limited publicly available information. The outcome of any recovery is unknown and it is also unclear how aware Coinbase is of the situation.
It is unclear if Coinbase will cover the loss for the affected wallet. It may be challenging and not economical to obtain any recovery of the funds from the exploiter.
The ultimate outcome and any information which will be made available is unknown at this point.
Further Analysis
Coinbase, a major cryptocurrency platform known for its security and broad user base, had a vulnerability in their Mainnet Settler smart contract, which led to an exploit. A wallet which has approved permissions on this contract allowed an attacker to execute a malicious transferFrom call, stealing over 308 million Hold tokens—valued at approximately $66,000. The exploit was identified and reported by TenArmor, who advised users to revoke approvals to the contract. As of now, Coinbase has not publicly acknowledged the incident, and it remains uncertain whether the affected user will recover the lost funds or if Coinbase will provide compensation.
How Could This Have Been Prevented?
More Cryptocurrency Exchange Hacks/Scams/Frauds
Matez Gaming Token Smart Contract Integer Truncation > > < < BSCGem Smart Contract Inflation Function Exploited
Sources/Further Reading
TenArmor - "Our system has detected a suspicious attack involving #MainnetSettler on #ETH, resulting in an approximately loss of $66K." - Twitter/X (Dec 31)
MainnetSettler Hold Withdrawal Transaction - Etherscan (Dec 31)
Coinbase Homepage (Dec 31)
Mainnet Settler Smart Contract - Etherscan (Dec 31)
Dev Engine Oz - "Some extremely abnormal behaviour going on with $saito erc20 purchases on #uniswap currently. Some big clips coming in and immediately transferring the tokens to another wallet. Could this be an exchange wallet?" - Twitter/X (Dec 31)
Agent Argus - "Recent Transaction Amount: 33 $USDC Chain: ETHEREUM" - Twitter/X (Dec 31)
 t.me/QuadrigaInitiative
|
 /r/QuadrigaInitiative
|
 @QuadrigaInit
|
 info@quadrigainitiative.com
|